Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: grant read operation #2665

Merged
merged 8 commits into from
Apr 5, 2024
Merged

fix: grant read operation #2665

merged 8 commits into from
Apr 5, 2024

Conversation

sfc-gh-jcieslak
Copy link
Collaborator

This pr resolves an issue that was happening when a granted resource was removed by hand. This touches all the grant privilege to resources (others too, but they somewhat already resolved this by marking the resource as removed; the other resources are only missing nested if check that would indicate for which error we're making the resources as removed. Right now, it's happening for every kind of error in the SHOW command). I adjusted those resource to:

  1. Check if the granted resource is present (e.g. grant x to database role -> in Read operation check if database role is present).
  2. Check the error type in the SHOW GRANTS, so we'll only mark the resource as removed only for object does not exist or not authorized type of errors.

Test Plan

  • acceptance tests that show resources are marked as removed without dependent resources (grant privileges to share have only one test because Snowflake is preventing you from removing dependent objects like databases when they're granted to share)

@github-actions GitHub Actions
Copy link

Integration tests failure for 595988c2de1c439afd851cdb987f2dcb3dc9fb4a

@sfc-gh-asawicki sfc-gh-asawicki self-requested a review April 3, 2024 08:53
sfc-gh-asawicki
sfc-gh-asawicki reviewed Apr 3, 2024
View reviewed changes
Copy link
Collaborator

@sfc-gh-asawicki sfc-gh-asawicki left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just one question, valid for all the resources covered in this PR.

pkg/resources/grant_privileges_to_share_acceptance_test.go Show resolved Hide resolved
@github-actions GitHub Actions
Copy link

github-actions bot commented Apr 3, 2024

Integration tests failure for a86d9d8a3b0d65077b022b06f48ea846f6b485c2

@sfc-gh-jcieslak
Changes after review
7707671
@sfc-gh-jcieslak
Merge branch 'main' into fix-grant-read-function
f952825 
# Conflicts:
#	pkg/resources/grant_privileges_to_account_role_acceptance_test.go
#	pkg/resources/grant_privileges_to_database_role_acceptance_test.go
@github-actions GitHub Actions
Copy link

github-actions bot commented Apr 3, 2024

Integration tests failure for f952825fb45071971bb76dd0614ba3952cdc8345

@github-actions GitHub Actions
Copy link

github-actions bot commented Apr 4, 2024

Integration tests failure for 766127654ad82f678a2386645e0ef75a4ae3112a

@sfc-gh-asawicki sfc-gh-asawicki self-requested a review April 5, 2024 11:29
@sfc-gh-jcieslak sfc-gh-jcieslak merged commit 0b947a5 into main Apr 5, 2024
8 of 9 checks passed
@sfc-gh-jcieslak sfc-gh-jcieslak deleted the fix-grant-read-function branch April 5, 2024 12:31
@snowflake-release-please snowflake-release-please bot mentioned this pull request Apr 5, 2024
Merged
sfc-gh-jcieslak pushed a commit that referenced this pull request Apr 9, 2024
@snowflake-release-please
chore(main): release 0.88.0 (#2638)
5ac2759 
🤖 I have created a release *beep* *boop*
---


##
[0.88.0](v0.87.3-pre...v0.88.0)
(2024-04-09)


### 🎉 **What's new:**

* Fix issues 2651 2656
([#2659](#2659))
([7fa09cc](7fa09cc))
* Grant ownership follow up
([#2628](#2628))
([d467e5b](d467e5b))
* grant ownership follow-up
([#2658](#2658))
([bfa2317](bfa2317))
* grant ownership on tasks
([#2684](#2684))
([2ba7889](2ba7889))
* Introduce shared function to suspend task roots
([#2650](#2650))
([d684b5d](d684b5d))
* Redesign snowflake_grants datasource
([#2667](#2667))
([918873d](918873d))
* user password policy attachment
([#2627](#2627))
([382e49d](382e49d))


### 🔧 **Misc**

* release 0.88.0
([02d60e0](02d60e0))
* Update grant examples in all resources
([#2660](#2660))
([b542b69](b542b69))


### 🐛 **Bug fixes:**

* Adjust dynamic tables after BCR-1543
([#2664](#2664))
([cf32ceb](cf32ceb))
* Fix handling secure views read and import
([#2655](#2655))
([3c3ede6](3c3ede6))
* Fix issues 2606 2642 2652 2653
([#2654](#2654))
([4a73721](4a73721))
* Fix release workflow
([#2639](#2639))
([dfd07e9](dfd07e9))
* Generate docs for dynamic table
([#2666](#2666))
([16c75b0](16c75b0))
* grant read operation
([#2665](#2665))
([0b947a5](0b947a5))
* migration guide for databases created from share
([#2637](#2637))
([f9651bc](f9651bc))
* with_grant_option diff drift
([#2608](#2608))
([f0018c6](f0018c6))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: snowflake-release-please[bot] <105954990+snowflake-release-please[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sfc-gh-asawicki sfc-gh-asawicki sfc-gh-asawicki approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sfc-gh-jcieslak @sfc-gh-asawicki