def commit_repository_changes()

in qwiklabs/terraform-modules/colab-deployment/cloud-function/main.py [0:0]


def commit_repository_changes(client, project, region, gcp_account_name) -> str:

    # Get auth of service account
    creds, project = google.auth.default()
    auth_req = google.auth.transport.requests.Request() # required to acess access token
    creds.refresh(auth_req)
    access_token=creds.token
    auth_header = { 'Authorization'   : "Bearer " + access_token ,
                    'Content-Type'    : 'application/json'
    }

    directory = f"{os.path.dirname(__file__)}/notebooks/"
    for file in os.listdir(directory):
        with open(os.path.join(directory, file), 'rb') as f:
            encoded_string = f.read()
        file_base_name = os.path.basename(file).removesuffix(".ipynb")
        print(f"file_base_name: {file_base_name}")
        repo_id = f"projects/{project}/locations/{region}/repositories/{file_base_name}"
        print(f"repo_id: {repo_id}")
        request = dataform_v1beta1.CommitRepositoryChangesRequest()
        request.name = repo_id
        request.commit_metadata = dataform_v1beta1.CommitMetadata(
            author=dataform_v1beta1.CommitAuthor(
                name="Google Data Beans",
                email_address="no-reply@google.com"
            ),
            commit_message="Committing Data Beans notebook"
        )
        request.file_operations = {}
        request.file_operations["content.ipynb"] = \
            dataform_v1beta1.\
            CommitRepositoryChangesRequest.\
            FileOperation(write_file=dataform_v1beta1.
                          CommitRepositoryChangesRequest.
                          FileOperation.
                          WriteFile(contents=encoded_string)
                          )
        print(request.file_operations)
        client.commit_repository_changes(request=request)
        print(f"Committed changes to {repo_id}")

        # change the IAM permissions so the user owns the notebook and it shows in Colab correctly
        uri=f"https://dataform.googleapis.com/v1beta1/projects/{project}/locations/{region}/repositories/{file_base_name}:setIamPolicy"
        json = '{ "policy": { "bindings": [ { "role": "roles/dataform.admin", "members": [ "user:' + gcp_account_name + '" ] } ] } }'

        # curl -X POST "https://dataform.googleapis.com/v1beta1/projects/data-beans-xxxx/locations/us-central1/repositories/Event-Populate-Table:setIamPolicy" \
        # --header "Authorization: Bearer $(gcloud auth application-default print-access-token)" \
        # --header "Content-Type: application/json" \
        # --data "${json}" \
        # --compressed

        try:
            print (f"Setting Policy URI: {uri}")
            print (f"Setting Policy JSON: {json}")
            response = requests.post(uri, headers=auth_header, data=json)
            response.raise_for_status()
            print(f"SUCCESS: Set IAM Policy for Notebook: {file_base_name}")
        except requests.exceptions.RequestException as err:
            print(f"FAILED: Set IAM Policy for Notebook: {file_base_name}")
            print(err)
            raise err
        
    return ("Committed changes to all repos")