Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: database role v1 readiness #3014

Merged
merged 5 commits into from
Aug 28, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 17 additions & 0 deletions MIGRATION_GUIDE.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,23 @@ across different versions.

## v0.94.x ➞ v0.95.0

### *(breaking change)* database roles data source; field rename, schema structure changes, and adding missing filtering options

- `database` renamed to `in_database`
- Added `like` and `limit` filtering options
- `SHOW DATABASE ROLES` output is now put inside `database_roles.*.show_output`. Here's the list of currently available fields:
- `created_on`
- `name`
- `is_default`
- `is_current`
- `is_inherited`
- `granted_to_roles`
- `granted_to_database_roles`
- `granted_database_roles`
- `owner`
- `comment`
- `owner_role_type`

### snowflake_view resource changes
New fields:
- `row_access_policy`
Expand Down
4 changes: 2 additions & 2 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -156,10 +156,10 @@ clean-resource-show-output-assertions: ## Clean resource parameters assertions
generate-resource-model-builders: ## Generate resource model builders
go generate ./pkg/acceptance/bettertestspoc/config/model/generate.go

clean-resource-model-builder: ## Clean resource model builders
clean-resource-model-builders: ## Clean resource model builders
rm -f ./pkg/acceptance/bettertestspoc/config/model/*_gen.go

clean-all-assertions-and-config-models: clean-snowflake-object-assertions clean-snowflake-object-parameters-assertions clean-resource-assertions clean-resource-parameters-assertions clean-resource-show-output-assertions clean-resource-model-builder ## clean all generated assertions and config models
clean-all-assertions-and-config-models: clean-snowflake-object-assertions clean-snowflake-object-parameters-assertions clean-resource-assertions clean-resource-parameters-assertions clean-resource-show-output-assertions clean-resource-model-builders ## clean all generated assertions and config models

generate-all-assertions-and-config-models: generate-snowflake-object-assertions generate-snowflake-object-parameters-assertions generate-resource-assertions generate-resource-parameters-assertions generate-resource-show-output-assertions generate-resource-model-builders ## generate all assertions and config models

Expand Down
38 changes: 36 additions & 2 deletions docs/data-sources/database_roles.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ description: |-

---

!> **V1 release candidate** This data source was reworked and is a release candidate for the V1. We do not expect significant changes in it before the V1. We will welcome any feedback and adjust the data source if needed. Any errors reported will be resolved with a higher priority. We encourage checking this data source out before the V1 release. Please follow the [migration guide](https://github.com/Snowflake-Labs/terraform-provider-snowflake/blob/main/MIGRATION_GUIDE.md#v0920--v0930) to use it.

# snowflake_database_roles (Data Source)


Expand All @@ -22,18 +24,50 @@ data "snowflake_database_roles" "db_roles" {

### Required

- `database` (String) The database from which to return the database roles from.
- `in_database` (String) The database from which to return the database roles from.

### Optional

- `like` (String) Filters the output with **case-insensitive** pattern, with support for SQL wildcard characters (`%` and `_`).
- `limit` (Block List, Max: 1) Limits the number of rows returned. If the `limit.from` is set, then the limit wll start from the first element matched by the expression. The expression is only used to match with the first element, later on the elements are not matched by the prefix, but you can enforce a certain pattern with `starts_with` or `like`. (see [below for nested schema](#nestedblock--limit))

### Read-Only

- `database_roles` (List of Object) Lists all the database roles in a specified database. (see [below for nested schema](#nestedatt--database_roles))
- `database_roles` (List of Object) Holds the aggregated output of all database role details queries. (see [below for nested schema](#nestedatt--database_roles))
- `id` (String) The ID of this resource.

<a id="nestedblock--limit"></a>
### Nested Schema for `limit`

Required:

- `rows` (Number) The maximum number of rows to return.

Optional:

- `from` (String) Specifies a **case-sensitive** pattern that is used to match object name. After the first match, the limit on the number of rows will be applied.


<a id="nestedatt--database_roles"></a>
### Nested Schema for `database_roles`

Read-Only:

- `show_output` (List of Object) (see [below for nested schema](#nestedobjatt--database_roles--show_output))

<a id="nestedobjatt--database_roles--show_output"></a>
### Nested Schema for `database_roles.show_output`

Read-Only:

- `comment` (String)
- `created_on` (String)
- `granted_database_roles` (Number)
- `granted_to_database_roles` (Number)
- `granted_to_roles` (Number)
- `is_current` (Boolean)
- `is_default` (Boolean)
- `is_inherited` (Boolean)
- `name` (String)
- `owner` (String)
- `owner_role_type` (String)
39 changes: 31 additions & 8 deletions docs/resources/database_role.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,20 +5,25 @@ description: |-

---

!> **V1 release candidate** This resource was reworked and is a release candidate for the V1. We do not expect significant changes in it before the V1. We will welcome any feedback and adjust the resource if needed. Any errors reported will be resolved with a higher priority. We encourage checking this resource out before the V1 release.
sfc-gh-asawicki marked this conversation as resolved.
Show resolved Hide resolved

# snowflake_database_role (Resource)



## Example Usage

```terraform
resource "snowflake_database_role" "db_role" {
database = "database"
name = "role_1"
comment = "my db role"
resource "snowflake_database" "test_database" {
name = "database_name"
}
```

resource "snowflake_database_role" "test_database_role" {
database = snowflake_database.test_database.fully_qualified_name
name = "database_role_name"
comment = "my database role"
}
```
-> **Note** Instead of using fully_qualified_name, you can reference objects managed outside Terraform by constructing a correct ID, consult [identifiers guide](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/guides/identifiers#new-computed-fully-qualified-name-field-in-resources).
<!-- TODO(SNOW-1634854): include an example showing both methods-->

Expand All @@ -27,8 +32,8 @@ resource "snowflake_database_role" "db_role" {

### Required

- `database` (String) The database in which to create the database role.
- `name` (String) Specifies the identifier for the database role.
- `database` (String) The database in which to create the database role. Due to technical limitations (read more [here](https://github.com/Snowflake-Labs/terraform-provider-snowflake/blob/main/docs/technical-documentation/identifiers_rework_design_decisions.md#known-limitations-and-identifier-recommendations)), avoid using the following characters: `|`, `.`, `(`, `)`, `"`
- `name` (String) Specifies the identifier for the database role. Due to technical limitations (read more [here](https://github.com/Snowflake-Labs/terraform-provider-snowflake/blob/main/docs/technical-documentation/identifiers_rework_design_decisions.md#known-limitations-and-identifier-recommendations)), avoid using the following characters: `|`, `.`, `(`, `)`, `"`

### Optional

Expand All @@ -38,11 +43,29 @@ resource "snowflake_database_role" "db_role" {

- `fully_qualified_name` (String) Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
- `id` (String) The ID of this resource.
- `show_output` (List of Object) Outputs the result of `SHOW DATABASE ROLES` for the given database role. Note that this value will be only recomputed whenever comment field changes. (see [below for nested schema](#nestedatt--show_output))

<a id="nestedatt--show_output"></a>
### Nested Schema for `show_output`

Read-Only:

- `comment` (String)
- `created_on` (String)
- `granted_database_roles` (Number)
- `granted_to_database_roles` (Number)
- `granted_to_roles` (Number)
- `is_current` (Boolean)
- `is_default` (Boolean)
- `is_inherited` (Boolean)
- `name` (String)
- `owner` (String)
- `owner_role_type` (String)

## Import

Import is supported using the following syntax:

```shell
terraform import snowflake_database_role.example 'dbName|roleName'
terraform import snowflake_database_role.example '"<database_name>"."<database_role_name>"'
```
2 changes: 1 addition & 1 deletion examples/resources/snowflake_database_role/import.sh
Original file line number Diff line number Diff line change
@@ -1 +1 @@
terraform import snowflake_database_role.example 'dbName|roleName'
terraform import snowflake_database_role.example '"<database_name>"."<database_role_name>"'
12 changes: 8 additions & 4 deletions examples/resources/snowflake_database_role/resource.tf
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
resource "snowflake_database_role" "db_role" {
database = "database"
name = "role_1"
comment = "my db role"
resource "snowflake_database" "test_database" {
name = "database_name"
}

resource "snowflake_database_role" "test_database_role" {
database = snowflake_database.test_database.fully_qualified_name
name = "database_role_name"
comment = "my database role"
}
16 changes: 16 additions & 0 deletions pkg/acceptance/bettertestspoc/README.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,19 @@
# Better tests poc

<!-- TOC -->
sfc-gh-asawicki marked this conversation as resolved.
Show resolved Hide resolved
* [Better tests poc](#better-tests-poc)
* [How it works](#how-it-works)
* [Adding new resource assertions](#adding-new-resource-assertions)
* [Adding new resource show output assertions](#adding-new-resource-show-output-assertions)
* [Adding new resource parameters assertions](#adding-new-resource-parameters-assertions)
* [Adding new Snowflake object assertions](#adding-new-snowflake-object-assertions)
* [Adding new Snowflake object parameters assertions](#adding-new-snowflake-object-parameters-assertions)
* [Adding new resource config model builders](#adding-new-resource-config-model-builders)
* [Running the generators](#running-the-generators)
* [Example usage in practice](#example-usage-in-practice)
* [Known limitations/planned improvements](#known-limitationsplanned-improvements)
<!-- TOC -->

This package contains a quick implementation of helpers that should allow us a quicker, more pleasant, and more readable implementation of tests, mainly the acceptance ones.
It contains the following packages:
- `assert` - all the assertions reside here. Also, the utilities to build assertions for new objects. All the current assertions are generated. The currently supported assertions are:
Expand Down Expand Up @@ -326,3 +341,4 @@ func (w *WarehouseDatasourceShowOutputAssert) IsEmpty() {
- distinguish between different enum types (TODO left in `assert/resourceshowoutputassert/gen/templates.go`)
- support the rest of attribute types in config model builders (TODO left in `config/model/gen/model.go`)
- parametrize test client helper used - integration versus acceptance tests - this has to be changed in the generator too (TODO left in `assert/objectassert/user_snowflake_ext.go`)
- Omit computed fields in the model (like FullyQualifiedName), because it doesn't make sense to set them

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,11 @@ type SdkObjectDef struct {
}

var allStructs = []SdkObjectDef{
{
IdType: "sdk.DatabaseObjectIdentifier",
ObjectType: sdk.ObjectTypeDatabaseRole,
ObjectStruct: sdk.DatabaseRole{},
},
{
IdType: "sdk.AccountObjectIdentifier",
ObjectType: sdk.ObjectTypeUser,
Expand Down
Loading
Loading