Runtime: Prevent introspective queries at compile (SL only) #5926
Conversation
…for runtime calls
|
Thank you for your pull request! We could not find a changelog entry for this change. For details on how to document a change, see the contributing guide. |
|
@racheldaniel for we need this to get into the 1.3 release? |
@leahwicz yes, and back-ported as well if possible 😬 . What do I need to do to ensure that goes smoothly? |
| @@ -13,6 +17,46 @@ class RuntimeArgs: | |||
| target: str | |||
|
|
|||
|
|
|||
| class SqlCompileRunnerNoIntrospection(SqlCompileRunner): | |||
| def compile_and_execute(self, manifest, ctx): | |||
There was a problem hiding this comment.
Looks like this function is the same as compile_and_execute here with line 313 with self.adapter.connection_for(self.node): removed. Looks good now but I would recommend add a TODO to refactor here when doing runtime(maybe?) so we are not duplicating majority of this function in two places.
There was a problem hiding this comment.
@ChenyuLInx Roger that! This entire solution is very temporary-- we actually don't want to disable this functionality long-term, we just need time to find a way to use multiple sets of credentials (deployment for parsing, user-specific for compiling). I will leave a comment to that effect 👍
leahwicz
deleted the
racheld/RUNTIME-443/prevent-introspection-on-compile
branch
leahwicz
added
the
backport 1.2.latest
* Preliminary changes to keep compile from connecting to the warehouse for runtime calls * Adds option to lib to skip connecting to warehouse for compile; adds prelim tests * Removes unused imports * Simplifies test and renames to SqlCompileRunnerNoIntrospection * Updates name in tests * Spacing * Updates test to check for adapter connection call instead of compile and execute * Removes commented line * Fixes test names * Updates plugin to postgres type as snowflake isn't available * Fixes docstring * Fixes formatting * Moves conditional logic out of class * Fixes formatting * Removes commented line * Moves import * Unmoves import * Updates changelog * Adds further info to method docstring (cherry picked from commit f1326f5)
…5943) * Preliminary changes to keep compile from connecting to the warehouse for runtime calls * Adds option to lib to skip connecting to warehouse for compile; adds prelim tests * Removes unused imports * Simplifies test and renames to SqlCompileRunnerNoIntrospection * Updates name in tests * Spacing * Updates test to check for adapter connection call instead of compile and execute * Removes commented line * Fixes test names * Updates plugin to postgres type as snowflake isn't available * Fixes docstring * Fixes formatting * Moves conditional logic out of class * Fixes formatting * Removes commented line * Moves import * Unmoves import * Updates changelog * Adds further info to method docstring (cherry picked from commit f1326f5) Co-authored-by: Rachel <[email protected]>
resolves #5936
RUNTIME-443
Description
This PR conditionally no-ops warehouse connection at compile depending on an env var. This is a temporary solution to more complex permissions requirements for the semantic layer.
Checklist
changie newto create a changelog entry