[PLUGIN-1945] Skip bucket creation if exist (copy/move action) by psainics · Pull Request #1596 · data-integrations/google-cloud

psainics · 2026-02-18T04:48:28Z

Skip bucket creation if exist (copy/move action)

Jira : PLUGIN-1945

Description

if the user does not have storage.buckets.create the flow fails with 403 error, bucket creation should be skipped if the bucket already exists.

Code change

Modified StorageClient.java

src/main/java/io/cdap/plugin/gcp/gcs/StorageClient.java

itsankit-google · 2026-02-18T07:35:55Z

src/main/java/io/cdap/plugin/gcp/gcs/StorageClient.java

   */
  public void createBucketIfNotExists(GCSPath path, @Nullable String location, @Nullable CryptoKeyName cmekKeyName) {
    try {
+      if (storage.get(path.getBucket()) != null) {


This adds an additional permission storage.buckets.get, do we do storage.get anywhere else?

I wonder if we should do storage.list instead which we do already later on?

or may be we could just ignore 403 with storage.get and move forward for backward compatibility.

storage.buckets.get permission is required for this plugin to work, we use it to traverse the bucket in function pairTraverse.

pairTraverse function might be only getting called in GCS Move / Copy plugin but StorageClient is used in all other GCS plugins as well.

As of now createBucketIfNotExists is only being used in gcs copy/move action.

From gcs docs it looks like list permission is for listing all buckets in a project, much slower than get, and less secure.

Let me know what do you think.

As I mentioned in the reply, we can use storage.get but just ignore 403 with storage.get and move forward for backward compatibility.

Updated

// Skip bucket creation if bucket already exists. try { if (storage.get(path.getBucket()) != null) { LOG.info("Bucket {} already exists, skipping creation.", path.getBucket()); return; } } catch (StorageException e) { int errorCode = e.getCode(); if (errorCode == 403) { LOG.warn( "Getting 403 Forbidden: {} You may not have permission to access bucket {}. Attempting to create bucket.", e.getMessage(), path.getUri()); } else { LOG.warn("Getting unexpected error code {}: {} when checking if bucket {} exists. Attempting to create bucket.", errorCode, e.getMessage(), path.getBucket()); } } // Fallback to bucket creations when get returns null or throws exception. // ... Old Flow

- Add try-catch around bucket existence check to handle permission errors - Log warning messages for 403 Forbidden and other unexpected errors - Fallback to bucket creation when existence check fails - Separate bucket check and creation into distinct try-catch blocks

src/main/java/io/cdap/plugin/gcp/gcs/StorageClient.java

itsankit-google · 2026-02-18T10:11:34Z

src/main/java/io/cdap/plugin/gcp/gcs/StorageClient.java

+    } catch (StorageException e) {
+      // do not throw error if unable to access bucket for backward compatibility.
+      LOG.warn("Getting unexpected error code {}: {} when checking if bucket {} exists. Attempting to create bucket.",
+          e.getCode(), e.getMessage(), path.getBucket());


please also add the exception in the log.

LOG.warn(....., e);

…ails

Skip bucket creation if exist (copy/move action)

a201e32

psainics self-assigned this Feb 18, 2026

psainics added enhancement New feature or request build Trigger unit test build labels Feb 18, 2026

psainics requested review from prince-cs and vikasrathee-cs February 18, 2026 06:19

vikasrathee-cs approved these changes Feb 18, 2026

View reviewed changes

vikasrathee-cs requested a review from sahusanket February 18, 2026 06:29

vsethi09 requested a review from itsankit-google February 18, 2026 07:06