Try resolving project id from Google credentials if not provided

Author: gustavovnicius

gcp-auth-extension/README.md

@@ -34,14 +34,13 @@ The extension can be configured either by environment variables or system proper
 
 Here is a list of required and optional configuration available for the extension:
 
-#### Required Config
+#### Optional Config
 
 - `GOOGLE_CLOUD_PROJECT`: Environment variable that represents the Google Cloud Project ID to which the telemetry needs to be exported.
 
   - Can also be configured using `google.cloud.project` system property.
-  - This is a required option, the agent configuration will fail if this option is not set.
-
-#### Optional Config
+  - If neither of these options are set, the extension will attempt to use the `ServiceOptions` class from `google-cloud-core` to determine the project ID. The `ServiceOptions` has a comprehensive logic to determine the project ID, which includes checking the environment variable `GOOGLE_CLOUD_PROJECT`, the `gcloud` configuration, the local metadata server, and the `GOOGLE_APPLICATION_CREDENTIALS` file.
+  - **Important Note**: The agent configuration will fail if this option is not set or cannot be inferred.
 
 - `GOOGLE_CLOUD_QUOTA_PROJECT`: Environment variable that represents the Google Cloud Quota Project ID which will be charged for the GCP API usage. To learn more about a *quota project*, see the [Quota project overview](https://cloud.google.com/docs/quotas/quota-project) page. Additional details about configuring the *quota project* can be found on the [Set the quota project](https://cloud.google.com/docs/quotas/set-quota-project) page.
 

gcp-auth-extension/build.gradle.kts

@@ -24,13 +24,14 @@ dependencies {
   compileOnly("io.opentelemetry:opentelemetry-exporter-otlp")
 
   // Only dependencies added to `implementation` configuration will be picked up by Shadow plugin
-  implementation("com.google.auth:google-auth-library-oauth2-http:1.39.1")
+  implementation("com.google.auth:google-auth-library-oauth2-http:1.40.0")
 
   // Test dependencies
   testCompileOnly("com.google.auto.service:auto-service-annotations")
   testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine")
   testImplementation("org.junit.jupiter:junit-jupiter-api")
   testCompileOnly("org.junit.jupiter:junit-jupiter-params")
+  testImplementation("org.junit-pioneer:junit-pioneer")
 
   testImplementation("io.opentelemetry:opentelemetry-api")
   testImplementation("io.opentelemetry:opentelemetry-exporter-otlp")

gcp-auth-extension/src/main/java/io/opentelemetry/contrib/gcp/auth/GcpAuthAutoConfigurationCustomizerProvider.java

@@ -5,13 +5,13 @@
 
 package io.opentelemetry.contrib.gcp.auth;
 
-import static io.opentelemetry.api.common.AttributeKey.stringKey;
 import static java.util.Arrays.stream;
 import static java.util.stream.Collectors.joining;
 import static java.util.stream.Collectors.toMap;
 
 import com.google.auth.oauth2.GoogleCredentials;
 import com.google.auto.service.AutoService;
+import io.opentelemetry.api.common.AttributeKey;
 import io.opentelemetry.api.common.Attributes;
 import io.opentelemetry.contrib.gcp.auth.GoogleAuthException.Reason;
 import io.opentelemetry.exporter.otlp.http.metrics.OtlpHttpMetricExporter;
@@ -25,6 +25,7 @@
 import io.opentelemetry.sdk.autoconfigure.spi.AutoConfigurationCustomizer;
 import io.opentelemetry.sdk.autoconfigure.spi.AutoConfigurationCustomizerProvider;
 import io.opentelemetry.sdk.autoconfigure.spi.ConfigProperties;
+import io.opentelemetry.sdk.autoconfigure.spi.ConfigurationException;
 import io.opentelemetry.sdk.metrics.export.MetricExporter;
 import io.opentelemetry.sdk.resources.Resource;
 import io.opentelemetry.sdk.trace.export.SpanExporter;
@@ -111,7 +112,12 @@ public void customize(@Nonnull AutoConfigurationCustomizer autoConfiguration) {
         .addMetricExporterCustomizer(
             (metricExporter, configProperties) ->
                 customizeMetricExporter(metricExporter, credentials, configProperties))
-        .addResourceCustomizer(GcpAuthAutoConfigurationCustomizerProvider::customizeResource);
+        .addResourceCustomizer(
+            (resource, configProperties) -> {
+              String gcpProjectId = getGoogleProjectId(configProperties, credentials);
+
+              return customizeResource(resource, gcpProjectId);
+            });
   }
 
   @Override
@@ -228,10 +234,36 @@ private static Map<String, String> getRequiredHeaderMap(
   }
 
   // Updates the current resource with the attributes required for ingesting OTLP data on GCP.
-  private static Resource customizeResource(Resource resource, ConfigProperties configProperties) {
-    String gcpProjectId =
-        ConfigurableOption.GOOGLE_CLOUD_PROJECT.getConfiguredValue(configProperties);
-    Resource res = Resource.create(Attributes.of(stringKey(GCP_USER_PROJECT_ID_KEY), gcpProjectId));
+  private static Resource customizeResource(Resource resource, String gcpProjectId) {
+    Resource res =
+        Resource.create(
+            Attributes.of(AttributeKey.stringKey(GCP_USER_PROJECT_ID_KEY), gcpProjectId));
     return resource.merge(res);
   }
+
+  /**
+   * Retrieves the Google Cloud Project ID from the configuration properties, falling back to
+   * google-cloud-core's ServiceOptions project ID resolution if not explicitly set.
+   *
+   * @param configProperties The configuration properties containing the GCP project ID.
+   * @return The Google Cloud Project ID.
+   */
+  @Nonnull
+  static String getGoogleProjectId(
+      ConfigProperties configProperties, GoogleCredentials credentials) {
+    String googleProjectId =
+        ConfigurableOption.GOOGLE_CLOUD_PROJECT.getConfiguredValueWithFallback(
+            configProperties, credentials::getProjectId);
+
+    if (googleProjectId == null || googleProjectId.isEmpty()) {
+      throw new ConfigurationException(
+          String.format(
+              "GCP Authentication Extension not configured properly: %s not configured. Configure it by exporting environment variable %s or system property %s",
+              ConfigurableOption.GOOGLE_CLOUD_PROJECT,
+              ConfigurableOption.GOOGLE_CLOUD_PROJECT.getEnvironmentVariable(),
+              ConfigurableOption.GOOGLE_CLOUD_PROJECT.getSystemProperty()));
+    }
+
+    return googleProjectId;
+  }
 }

gcp-auth-extension/src/test/java/io/opentelemetry/contrib/gcp/auth/GcpAuthAutoConfigurationCustomizerProviderTest.java

@@ -12,6 +12,8 @@
 import static io.opentelemetry.contrib.gcp.auth.GcpAuthAutoConfigurationCustomizerProvider.SIGNAL_TYPE_TRACES;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
@@ -40,6 +42,7 @@
 import io.opentelemetry.sdk.autoconfigure.internal.SpiHelper;
 import io.opentelemetry.sdk.autoconfigure.spi.ConfigProperties;
 import io.opentelemetry.sdk.autoconfigure.spi.ConfigurationException;
+import io.opentelemetry.sdk.autoconfigure.spi.internal.DefaultConfigProperties;
 import io.opentelemetry.sdk.autoconfigure.spi.metrics.ConfigurableMetricExporterProvider;
 import io.opentelemetry.sdk.autoconfigure.spi.traces.ConfigurableSpanExporterProvider;
 import io.opentelemetry.sdk.common.CompletableResultCode;
@@ -74,6 +77,8 @@
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.Arguments;
 import org.junit.jupiter.params.provider.MethodSource;
+import org.junitpioneer.jupiter.ClearSystemProperty;
+import org.junitpioneer.jupiter.SetSystemProperty;
 import org.mockito.ArgumentCaptor;
 import org.mockito.Captor;
 import org.mockito.Mock;
@@ -538,6 +543,51 @@ void testTargetSignalsBehavior(TargetSignalBehavior testCase) {
     }
   }
 
+  @Test
+  @ClearSystemProperty(key = "GOOGLE_CLOUD_PROJECT")
+  @ClearSystemProperty(key = "google.cloud.project")
+  void testThrowsExceptionIfGoogleProjectIsNotFound() {
+    DefaultConfigProperties configProperties =
+        DefaultConfigProperties.create(Collections.emptyMap(), Mockito.mock(ComponentLoader.class));
+
+    Mockito.when(mockedGoogleCredentials.getProjectId()).thenReturn(null);
+
+    assertThrows(
+        ConfigurationException.class,
+        () ->
+            GcpAuthAutoConfigurationCustomizerProvider.getGoogleProjectId(
+                configProperties, mockedGoogleCredentials));
+  }
+
+  @Test
+  @SetSystemProperty(key = "google.cloud.project", value = DUMMY_GCP_RESOURCE_PROJECT_ID)
+  void testResolveGoogleProjectIdFromSystemProperty() {
+    DefaultConfigProperties configProperties =
+        DefaultConfigProperties.create(Collections.emptyMap(), Mockito.mock(ComponentLoader.class));
+
+    assertEquals(
+        DUMMY_GCP_RESOURCE_PROJECT_ID,
+        GcpAuthAutoConfigurationCustomizerProvider.getGoogleProjectId(
+            configProperties, mockedGoogleCredentials));
+
+    Mockito.verifyNoInteractions(mockedGoogleCredentials);
+  }
+
+  @Test
+  @ClearSystemProperty(key = "google.cloud.project")
+  @ClearSystemProperty(key = "GOOGLE_CLOUD_PROJECT")
+  void testResolveGoogleProjectIdFromServiceOptions() {
+    DefaultConfigProperties configProperties =
+        DefaultConfigProperties.create(Collections.emptyMap(), Mockito.mock(ComponentLoader.class));
+
+    Mockito.when(mockedGoogleCredentials.getProjectId()).thenReturn(DUMMY_GCP_RESOURCE_PROJECT_ID);
+
+    assertEquals(
+        DUMMY_GCP_RESOURCE_PROJECT_ID,
+        GcpAuthAutoConfigurationCustomizerProvider.getGoogleProjectId(
+            configProperties, mockedGoogleCredentials));
+  }
+
   /** Test cases specifying expected behavior for GOOGLE_OTEL_AUTH_TARGET_SIGNALS */
   private static Stream<Arguments> provideTargetSignalBehaviorTestCases() {
     return Stream.of(