Skip to content

test(appengine/storage): remove public ACL assignment to comply with public access prevention#4327

Open
angelcaamal wants to merge 1 commit into
mainfrom
fix/appengine-storage-acl
Open

test(appengine/storage): remove public ACL assignment to comply with public access prevention#4327
angelcaamal wants to merge 1 commit into
mainfrom
fix/appengine-storage-acl

Conversation

@angelcaamal
Copy link
Copy Markdown
Contributor

@angelcaamal angelcaamal commented May 27, 2026
edited
Loading

Description

Fixes a CI test failure in the appengine/storage sample caused by a security policy violation during the test setup.

Why is this needed?

The before hook in the test suite was attempting to assign the allUsers role to the newly created temporary bucket. Because the CI project environment enforces Public Access Prevention, the Google Cloud Storage API immediately rejected this operation with the following error:

Error: The member bindings allUsers and allAuthenticatedUsers are not allowed since public access prevention is enforced.

Fixes Internal: b/517226702

Note: Before submitting a pull request, please open an issue for discussion if you are not associated with Google.

Checklist

  • I have followed guidelines from CONTRIBUTING.MD and Samples Style Guide
  • Tests pass: npm test (see Testing)
  • Lint pass: npm run lint (see Style)
  • Required CI tests pass (see CI testing)
  • These samples need a new API enabled in testing projects to pass (let us know which ones)
  • These samples need a new/updated env vars in testing projects set to pass (let us know which ones)
  • This pull request is from a branch created directly off of GoogleCloudPlatform/nodejs-docs-samples. Not a fork.
  • This sample adds a new sample directory, and I updated the CODEOWNERS file with the codeowners for this sample
  • This sample adds a new sample directory, and I created GitHub Actions workflow for this sample
  • This sample adds a new Product API, and I updated the Blunderbuss issue/PR auto-assigner with the codeowners for this sample
  • Please merge this PR for me once it is approved

Note: Any check with (dev), (experimental), or (legacy) can be ignored and should not block your PR from merging (see CI testing).

@angelcaamal angelcaamal added api: appengine Issues related to the App Engine Admin API API. samples Issues that are directly related to samples. labels May 27, 2026
gemini-code-assist[bot]
gemini-code-assist Bot reviewed May 27, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request simplifies the test setup across multiple App Engine storage system tests by removing the explicit ACL configuration and argument passing when creating a storage bucket, changing bucket.create(bucket) to a simpler bucket.create(). There are no review comments, and I have no additional feedback to provide.

@angelcaamal angelcaamal marked this pull request as ready for review May 27, 2026 20:36
@angelcaamal angelcaamal requested review from a team as code owners May 27, 2026 20:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

api: appengine Issues related to the App Engine Admin API API. samples Issues that are directly related to samples.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@angelcaamal