chore: Migrate gsutil usage to gcloud storage

[bhandarivijay-png]

Automated: Migrate {target_path} from gsutil to gcloud storage

This CL is part of the on going effort to migrate from the legacy gsutil tool to the new and improved gcloud storage command-line interface.
gcloud storage is the recommended and modern tool for interacting with Google Cloud Storage, offering better performance, unified authentication, and a more consistent command structure with other gcloud components. 🚀

Automation Details

This change was generated automatically by an agent that targets users of gsutil.
The transformations applied are based on the gsutil to gcloud storage migration guide.

⚠️ Action Required: Please Review and Test Carefully

While we have based the automation on the migration guide, every use case is unique.
It is crucial that you thoroughly test these changes in environments appropriate to your use-case before merging.
Be aware of potential differences between gsutil and gcloud storage that could impact your workflows.
For instance, the structure of command output may have changed, requiring updates to any scripts that parse it. Similarly, command behavior can differ subtly; the gcloud storage rsync command has a different file deletion logic than gsutil rsync, which could lead to unintended file deletions.

Our migration guides can help guide you through a list of mappings and some notable differences between the two tools.

Standard presubmit tests are run as part of this CL's workflow. If you need to target an additional test workflow or require assistance with testing, please let us know.

Please verify that all your Cloud Storage operations continue to work as expected to avoid any potential disruptions in production.

Support and Collaboration

The GCS CLI team is here to help! If you encounter any issues, have a complex use case that this automated change doesn't cover, or face any other blockers, please don't hesitate to reach out.
We are happy to work with you to test and adjust these changes as needed.

Contact: gcs-cli-hyd@google.com

We appreciate your partnership in this important migration effort!

#gsutil-migration

[bhandarivijay-png]

Hi @n-h-diaz, Can we get your review on this PR? Thanks!

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request automates the migration of Google Cloud Storage operations from the legacy gsutil command-line tool to the modern gcloud storage interface. The changes aim to leverage the improved performance, unified authentication, and consistent command structure offered by gcloud storage, ensuring that cloud operations align with current best practices.

Highlights

• Cloud Build Configuration Update: The cloudbuild.yaml file has been updated to replace the gsutil command with gcloud storage cp for copying artifacts to Google Cloud Storage. The builder image was also changed from gcr.io/cloud-builders/gsutil to gcr.io/cloud-builders/gcloud.
• Shell Script Migration: The simple/run_stats.sh script has been modified to migrate gsutil commands to their gcloud storage equivalents. Specifically, gsutil -m cp -r was replaced with gcloud storage cp --recursive, and gsutil ls -l -r was replaced with gcloud storage ls --long --recursive.

Changelog

• cloudbuild.yaml
  • Updated the Cloud Build step to use gcloud storage cp instead of gsutil cp for artifact deployment.
  • Changed the builder image from gcr.io/cloud-builders/gsutil to gcr.io/cloud-builders/gcloud.
• simple/run_stats.sh
  • Replaced gsutil -m cp -r with gcloud storage cp --recursive for copying directories to GCS.
  • Replaced gsutil ls -l -r with gcloud storage ls --long --recursive for listing GCS contents.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request automatically migrates gsutil commands to gcloud storage in cloudbuild.yaml and simple/run_stats.sh. While the migration itself is correct, it preserves and highlights a significant command injection vulnerability in simple/run_stats.sh. This script constructs and executes shell commands using unquoted variables, which can be exploited if command-line arguments are derived from untrusted sources. It is strongly recommended to fix the command execution logic in simple/run_stats.sh to ensure all arguments are properly quoted and handled safely by the shell, which will also improve robustness against file paths containing spaces.

[keyurva]

Thanks @bhandarivijay-png. Had a couple of questions:

• Does gcloud storage behave exactly as gsutil or are there any differences?
• What version of the gcloud sdk does this need? Do our Dockerfiles need to be updated so they are using the correct version?

Also adding @ajaits and @rohitkumarbhagat for awareness for changes to the import tool cloud build. Both - please chime in if any concerns.

[bhandarivijay-png]

**keyurva **

1. Behavioral Differences:
   Generally, gcloud storage is designed to be a drop-in replacement for gsutil for standard operations like cp, ls, and mv. The primary difference is performance.it's significantly faster (often 2x-3x) due to a new threading model.

Subtle changes: There are minor differences in how certain flags behave (like rsync deletion logic), but for the simple cp and ls commands in this PR, the behavior is identical.

2. SDK Version & Dockerfiles:
   gcloud storage became generally available in SDK version 379.0.0.

Dockerfiles: Since I've updated cloudbuild.yaml to use the gcr.io/cloud-builders/gcloud image (which Google keeps updated to the latest stable SDK), we are covered for the build process. If we have custom Dockerfiles for local stats runs, I’ll double-check that they pull a recent google-cloud-sdk version (379+).