In this first codelab, you will store pictures in a Cloud Storage bucket. Uploading a file generates a file creation event, which is handled by a Cloud Function. The function calls the Vision API to analyse the image and saves the results in a Firestore datastore.

What you'll learn

- How to create a Cloud Storage bucket and make its content publicly readable
- How to write a Cloud Function triggered by storage events
- How to analyse pictures with the Vision API
- How to store picture metadata in Cloud Firestore

Self-paced environment setup

If you don't already have a Google Account (Gmail or G Suite), you must create one. Sign in to the Google Cloud Platform console (console.cloud.google.com) and create a new project (or reuse an existing one).

Remember the project ID, a name that is unique across all Google Cloud projects. It will be referred to later in this codelab as PROJECT_ID.
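Alternatively, if you already have the gcloud command line tool installed, you can create the project from the command line. A minimal sketch, assuming a project ID of your own choosing (my-unique-project-id below is just an illustration):

gcloud projects create my-unique-project-id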

Next, you'll need to enable billing in the Cloud Console in order to use Google Cloud resources.

Running through this codelab shouldn't cost you more than a few dollars, but it could be more if you decide to use more resources or if you leave them running (see "cleanup" section at the end of this document).

New users of Google Cloud Platform are eligible for a $300 free trial.

Start Cloud Shell

While Google Cloud can be operated remotely from your laptop, in this codelab you will be using Google Cloud Shell, a command line environment running in the Cloud.

From the GCP Console click the Cloud Shell icon on the top right toolbar:

It should only take a few moments to provision and connect to the environment. When it is finished, you should see something like this:

This virtual machine is loaded with all the development tools you'll need. It offers a persistent 5GB home directory and runs on Google Cloud, greatly enhancing network performance and authentication. All of your work in this lab can be done with just a browser.
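Once connected to Cloud Shell, you can check that you are already authenticated and that the project is set to your PROJECT_ID:

gcloud auth list
gcloud config list project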

In order to use the Vision API, you first need to enable it.

Search for Cloud Vision API in the cloud console search bar:

You will land on the Cloud Vision API page:

Click the ENABLE button.

Alternatively, you can also enable it from Cloud Shell using the gcloud command line tool.

Inside Cloud Shell, run the following command:

gcloud services enable vision.googleapis.com

You should see the operation finish successfully:

Operation "operations/acf.12dba18b-106f-4fd2-942d-fea80ecc5c1c" finished successfully.
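Optionally, you can double-check that the API is now enabled by listing the enabled services:

gcloud services list --enabled | grep vision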

Create a storage bucket for the pictures. You can do this from Google Cloud Platform console (console.cloud.google.com) or with gsutil command line tool from Cloud Shell or your local development environment.

Navigate to Storage

From the "hamburger" (☰) menu, navigate to the Storage page.

Name your bucket

Click on the CREATE BUCKET button.

Give your bucket a globally unique name (the example here uses uploaded-pictures, but you will have to choose your own).

Click CONTINUE.

Choose Location

Create a multi-regional bucket in the location of your choice (here Europe).

Click CONTINUE.

Choose default storage class

Choose the Standard storage class for your data.

Click CONTINUE.

Set Access Control

As you will be working with publicly accessible images, you want all the pictures stored in this bucket to have the same uniform access control.

Choose the Uniform access control option.

Click CONTINUE.

Set Encryption

Select Google-managed key, as you won't use your own encryption keys.

Click CREATE to finalize the bucket creation.

Add allUsers as storage viewer

Go to the Permissions tab:

Add an allUsers member to the bucket, with a role of Storage > Storage Object Viewer, as follows:

Click SAVE.

Test public access

Going back to the storage browser, you'll see your bucket in the list, with "Public" access (including a warning sign reminding you that anyone has access to the content of that bucket).

Your bucket is now ready to receive pictures.

If you click on the bucket name, you'll see the bucket details.

There, you can try the Upload files button to test that you can add a picture to the bucket. A file chooser popup will ask you to select a file. Once selected, the file will be uploaded to your bucket, and you will see that public access has again been automatically attributed to this new file.

Next to the Public access label, you will also see a little link icon. When you click on it, your browser navigates to the public URL of that image, which is of the form:

https://storage.googleapis.com/BUCKET_NAME/PICTURE_FILE.png

where BUCKET_NAME is the globally unique name you chose for your bucket, followed by the file name of your picture.
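As a quick check, you can request that public URL from the command line (using your actual bucket and file names in place of the placeholders); a 200 response confirms the object is publicly readable:

curl -I https://storage.googleapis.com/BUCKET_NAME/PICTURE_FILE.png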

By clicking the check box next to the picture name, the DELETE button will be enabled, and you can delete this first image.

You can also use the gsutil command line tool in Cloud Shell to create buckets.

In Cloud Shell, set a variable for the unique bucket name. Cloud Shell already has GOOGLE_CLOUD_PROJECT set to your unique project ID, so you can append it to the bucket name.

For example:

BUCKET_PICTURES=uploaded-pictures-${GOOGLE_CLOUD_PROJECT}

Create a standard multi-region bucket in Europe:

gsutil mb -l EU gs://${BUCKET_PICTURES}

Ensure uniform bucket level access:

gsutil uniformbucketlevelaccess set on gs://${BUCKET_PICTURES}

Make the bucket public:

gsutil iam ch allUsers:objectViewer gs://${BUCKET_PICTURES}

If you go to the Cloud Storage section of the console, you should see a public uploaded-pictures bucket:

Test that you can upload pictures to the bucket and that the uploaded pictures are publicly available, as explained in the previous step.
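For example, here is a minimal check from Cloud Shell, assuming you have a local picture file named my-picture.png (the file name is just an illustration):

# upload a local picture to the bucket
gsutil cp my-picture.png gs://${BUCKET_PICTURES}
# a 200 response confirms the picture is publicly readable
curl -I https://storage.googleapis.com/${BUCKET_PICTURES}/my-picture.png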

In this step, you create a function that reacts to picture upload events.

Visit the Cloud Functions section of the Google Cloud console. By visiting it, the Cloud Functions service will be automatically enabled.

Click on Create function.

Choose a name (e.g. picture-uploaded) and the amount of memory (here 256 MB):

There are two kinds of functions:

- HTTP functions, which are invoked by HTTP requests
- background functions, which are triggered by events such as Pub/Sub messages or Cloud Storage changes

You want to create a background function that is triggered when a new file is uploaded to our Cloud Storage bucket:

You are interested in the Finalize/Create event type, which is the event that is triggered when a file is created or updated in the bucket:

Select the bucket created before, to tell Cloud Functions to be notified when a file is created / updated in this particular bucket:

Choose the Inline editor for this function:

Select the Node.js 8 runtime:

The source code consists of an index.js JavaScript file, and a package.json file that provides various metadata and dependencies.

Leave the default snippet of code: it logs the file name of the uploaded picture:

For now, keep the name of the function to execute as helloGCS, for testing purposes.
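The default snippet is roughly equivalent to the following sketch (the exact boilerplate generated by the console may differ slightly): a background function receiving the storage event and logging the name of the file that triggered it.

exports.helloGCS = (event, context) => {
  // 'event' contains the Cloud Storage object metadata
  console.log(`Processing file: ${event.name}`);
};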

At the bottom of the page, you'll notice the following folded section:

Click on Environment variables, networking, timeouts and more

Select the same region as other resources, for example europe-west1:

No need to further change any other advanced setting.

Click on Create to deploy the function. Once the deployment has succeeded, you should see a green-circled check mark in the list of functions:
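Note that the same deployment can also be scripted with the gcloud command line tool. A sketch of the equivalent command, assuming the bucket and region used above, run from a directory containing the index.js and package.json files:

gcloud functions deploy picture-uploaded \
  --runtime nodejs8 \
  --trigger-resource ${BUCKET_PICTURES} \
  --trigger-event google.storage.object.finalize \
  --entry-point helloGCS \
  --memory 256MB \
  --region europe-west1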

In this step, test that the function responds to storage events.

From the "hamburger" (☰) menu, navigate back to the Storage page.

Click on your uploaded-pictures bucket, and then on Upload files to upload an image.

Then navigate within the Cloud console to the Logging > Logs viewer page.

In the audited resource selector, select Cloud Function to see the logs dedicated to your functions. You can even select a specific function to have a finer-grained view of the function-related logs.

You should see log items mentioning the creation of the function, its start and end times, and our actual log statement:

Our log statement reads: Processing file: my-picture.png, meaning that the event related to the creation and storage of this picture was indeed triggered as expected.
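You can also read those logs directly from Cloud Shell:

gcloud functions logs read picture-uploaded --region europe-west1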

You will store information about the picture given by the Vision API into the Cloud Firestore database. Prepare your database by going to the Firestore section of the Cloud Console:

Two options are offered: Native mode or Datastore mode. Use Native mode, which offers extra features like offline support and real-time synchronization.

Click on SELECT NATIVE MODE.

Pick a multi-region (here in Europe, ideally the same location as your function and storage bucket).

Click the CREATE DATABASE button.

Once the database is created, you should see the following:

Create a new collection by clicking the + START COLLECTION button.

Name the collection pictures.

You don't need to create a first document; documents will be added programmatically as new pictures are stored in Cloud Storage and analysed by the Vision API.

Click Save.

Each document in the collection will be keyed by the picture's file name and will contain the fields set by our function: labels (the list of labels found by the Vision API), color (the dominant color as a hexadecimal code), and created (the timestamp of when the picture's metadata was stored).
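To give an idea of how this collection can be consumed later, here is a hypothetical Node.js sketch (not part of this lab's code) that lists the most recently analysed pictures:

const Firestore = require('@google-cloud/firestore');

async function listRecentPictures() {
    // query the 'pictures' collection, most recent first
    const snapshot = await new Firestore()
        .collection('pictures')
        .orderBy('created', 'desc')
        .limit(10)
        .get();
    // each document ID is the picture's file name
    snapshot.forEach(doc => console.log(doc.id, doc.data()));
}

listRecentPictures();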

Move back to the Functions page to update the function so that it invokes the Vision API to analyse our pictures and stores the metadata in Firestore.

From the "hamburger" (☰) menu, navigate to the Cloud Functions section, select the function, click on the Source tab, and then click the EDIT button.

You can click the four-corner square icon in the top right hand corner to maximize the source code view:

First, edit the package.json file, which lists the dependencies of our Node.js function. Update the code to add the Cloud Vision API NPM dependency:

{
  "name": "picture-analysis-function",
  "version": "0.0.1",
  "dependencies": {
    "@google-cloud/storage": "^1.6.0",
    "@google-cloud/vision": "^1.8.0",
    "@google-cloud/firestore": "^3.4.1"
  }
}

Now that the dependencies are up to date, you are going to work on the code of our function by updating the index.js file.

Replace the code in index.js with the code below. It will be explained in the next step.

const vision = require('@google-cloud/vision');
const Storage = require('@google-cloud/storage');
const Firestore = require('@google-cloud/firestore');

const client = new vision.ImageAnnotatorClient();

exports.vision_analysis = async (event, context) => {
    console.log(`Event: ${JSON.stringify(event)}`);

    const filename = event.name;
    const filebucket = event.bucket;

    console.log(`New picture uploaded ${filename} in ${filebucket}`);

    const request = {
        image: { source: { imageUri: `gs://${filebucket}/${filename}` } },
        features: [
            { type: 'LABEL_DETECTION' },
            { type: 'IMAGE_PROPERTIES' },
            { type: 'SAFE_SEARCH_DETECTION' }
        ]
    };

    // invoking the Vision API
    const [response] = await client.annotateImage(request);
    console.log(`Raw vision output for: ${filename}: ${JSON.stringify(response)}`);

    if (response.error === null) {
        // listing the labels found in the picture
        const labels = response.labelAnnotations
            .sort((ann1, ann2) => ann2.score - ann1.score)
            .map(ann => ann.description)
        console.log(`Labels: ${labels.join(', ')}`);

        // retrieving the dominant color of the picture
        const color = response.imagePropertiesAnnotation.dominantColors.colors
            .sort((c1, c2) => c2.score - c1.score)[0].color;
        const colorHex = decColorToHex(color.red, color.green, color.blue);
        console.log(`Colors: ${colorHex}`);

        // determining if the picture is safe to show
        const safeSearch = response.safeSearchAnnotation;
        const isSafe = ["adult", "spoof", "medical", "violence", "racy"].every(k => 
            !['LIKELY', 'VERY_LIKELY'].includes(safeSearch[k]));
        console.log(`Safe? ${isSafe}`);

        // if the picture is safe to display, store it in Firestore
        if (isSafe) {
            const pictureStore = new Firestore().collection('pictures');
            
            const doc = pictureStore.doc(filename);
            await doc.set({
                labels: labels,
                color: colorHex,
                created: Firestore.Timestamp.now()
            });

            console.log("Stored metadata in Firestore");
        }
    } else {
        throw new Error(`Vision API error: code ${response.error.code}, message: "${response.error.message}"`);
    }
};

function decColorToHex(r, g, b) {
    return '#' + Number(r).toString(16).padStart(2, '0') + 
                 Number(g).toString(16).padStart(2, '0') + 
                 Number(b).toString(16).padStart(2, '0');
}

Let's have a closer look at the various interesting parts.

First, we require the needed modules for Vision, Storage, and Firestore:

const vision = require('@google-cloud/vision');
const Storage = require('@google-cloud/storage');
const Firestore = require('@google-cloud/firestore');

Then, we prepare a client for the Vision API:

const client = new vision.ImageAnnotatorClient();

Now comes the structure of our function. We make it an async function, as we are using the async / await capabilities introduced in Node.js 8:

exports.vision_analysis = async (event, context) => {
    ...
    const filename = event.name;
    const filebucket = event.bucket;
    ...
}

Notice the signature, and also how we retrieve the name of the file and the bucket that triggered the Cloud Function.

For reference, here's what the event payload looks like:

{
  "bucket":"uploaded-pictures",
  "contentType":"image/png",
  "crc32c":"efhgyA==",
  "etag":"CKqB956MmucCEAE=",
  "generation":"1579795336773802",
  "id":"uploaded-pictures/Screenshot.png/1579795336773802",
  "kind":"storage#object",
  "md5Hash":"PN8Hukfrt6C7IyhZ8d3gfQ==",
  "mediaLink":"https://www.googleapis.com/download/storage/v1/b/uploaded-pictures/o/Screenshot.png?generation=1579795336773802&alt=media",
  "metageneration":"1",
  "name":"Screenshot.png",
  "selfLink":"https://www.googleapis.com/storage/v1/b/uploaded-pictures/o/Screenshot.png",
  "size":"173557",
  "storageClass":"STANDARD",
  "timeCreated":"2020-01-23T16:02:16.773Z",
  "timeStorageClassUpdated":"2020-01-23T16:02:16.773Z",
  "updated":"2020-01-23T16:02:16.773Z"
}

We prepare a request to send via the Vision client:

const request = {
    image: { source: { imageUri: `gs://${filebucket}/${filename}` } },
    features: [
        { type: 'LABEL_DETECTION' },
        { type: 'IMAGE_PROPERTIES' },
        { type: 'SAFE_SEARCH_DETECTION' }
    ]
};

We're asking for 3 key capabilities of the Vision API:

- label detection, to understand what appears in the picture
- image properties, to find the dominant colors of the picture
- safe search detection, to know whether the picture is safe to show

At this point, we can make the call to the Vision API:

const [response] = await client.annotateImage(request);

For reference, here's what the response from the Vision API looks like:

{
  "faceAnnotations": [],
  "landmarkAnnotations": [],
  "logoAnnotations": [],
  "labelAnnotations": [
    {
      "locations": [],
      "properties": [],
      "mid": "/m/01yrx",
      "locale": "",
      "description": "Cat",
      "score": 0.9959855675697327,
      "confidence": 0,
      "topicality": 0.9959855675697327,
      "boundingPoly": null
    },
    ✄ - - - ✄
  ],
  "textAnnotations": [],
  "localizedObjectAnnotations": [],
  "safeSearchAnnotation": {
    "adult": "VERY_UNLIKELY",
    "spoof": "UNLIKELY",
    "medical": "VERY_UNLIKELY",
    "violence": "VERY_UNLIKELY",
    "racy": "VERY_UNLIKELY",
    "adultConfidence": 0,
    "spoofConfidence": 0,
    "medicalConfidence": 0,
    "violenceConfidence": 0,
    "racyConfidence": 0,
    "nsfwConfidence": 0
  },
  "imagePropertiesAnnotation": {
    "dominantColors": {
      "colors": [
        {
          "color": {
            "red": 203,
            "green": 201,
            "blue": 201,
            "alpha": null
          },
          "score": 0.4175916016101837,
          "pixelFraction": 0.44456374645233154
        },
        ✄ - - - ✄
      ]
    }
  },
  "error": null,
  "cropHintsAnnotation": {
    "cropHints": [
      {
        "boundingPoly": {
          "vertices": [
            { "x": 0, "y": 118 },
            { "x": 1177, "y": 118 },
            { "x": 1177, "y": 783 },
            { "x": 0, "y": 783 }
          ],
          "normalizedVertices": []
        },
        "confidence": 0.41695669293403625,
        "importanceFraction": 1
      }
    ]
  },
  "fullTextAnnotation": null,
  "webDetection": null,
  "productSearchResults": null,
  "context": null
}

If no error is returned, we can move on, which is why we have this if block:

if (response.error === null) {
    ...
} else {
    throw new Error(`Vision API error: code ${response.error.code}, message: "${response.error.message}"`);
}

We then get the labels of the things, categories, or themes recognised in the picture:

const labels = response.labelAnnotations
    .sort((ann1, ann2) => ann2.score - ann1.score)
    .map(ann => ann.description)

We're sorting the labels by highest score first.

We're interested in knowing the dominant color of the picture:

const color = response.imagePropertiesAnnotation.dominantColors.colors
    .sort((c1, c2) => c2.score - c1.score)[0].color;
const colorHex = decColorToHex(color.red, color.green, color.blue);

We again sort the colors by score and take the first one.

We also use a utility function to transform the red / green / blue values into a hexadecimal color code that can be used in CSS stylesheets.
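For example, with the dominant color of the sample response above (red: 203, green: 201, blue: 201):

decColorToHex(203, 201, 201);  // returns '#cbc9c9'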

Let's check if the picture is safe to show:

const safeSearch = response.safeSearchAnnotation;
const isSafe = ["adult", "spoof", "medical", "violence", "racy"]
    .every(k => !['LIKELY', 'VERY_LIKELY'].includes(safeSearch[k]));

We check the adult / spoof / medical / violence / racy attributes to make sure the picture is not LIKELY or VERY_LIKELY to exhibit any of them.

If the result of the safe search is okay, we can store metadata in Firestore:

if (isSafe) {
    const pictureStore = new Firestore().collection('pictures');
            
    const doc = pictureStore.doc(filename);
    await doc.set({
        labels: labels,
        color: colorHex,
        created: Firestore.Timestamp.now()
    });
}

Time to deploy the function.

Hit the DEPLOY button; the new version will be deployed and you can see the progress:

Once the function is successfully deployed, you will upload a picture to Cloud Storage, check that our function is invoked, see what the Vision API returns, and verify that the metadata is stored in Firestore.

Navigate back to Cloud Storage, and click on the bucket we created at the beginning of the lab:

Once in the bucket details page:

Click on the Upload files button to upload a picture.

From the "hamburger" (☰) menu, navigate to the Logging > Logs viewer:

Notice that you can select the logs for particular resources. In our case, we're especially interested in seeing logs coming from our functions:

And indeed, in the list of logs, you can see that our function was invoked:

The logs indicate the start and end of the function execution. In between, we can see the logs we put in our function with the console.log() statements. We see:

- the event payload of the storage event
- the name of the new picture and the bucket it was uploaded to
- the raw Vision API output for the picture
- the labels found in the picture
- the dominant color
- whether the picture is safe to show
- and finally, that the metadata was stored in Firestore

Again from the "hamburger" (☰) menu, go to the Firestore section. In the Data subsection (shown by default), you should see the pictures collection with a new document added, corresponding to the picture you just uploaded:

Congratulations! You've successfully implemented the first key service of the project!

What we've covered

- Cloud Storage
- Cloud Functions
- Vision API
- Cloud Firestore

Next Steps