Skip to content

Commit

Permalink
fixes
Browse files Browse the repository at this point in the history
  • Loading branch information
@dorooleg
dorooleg committed Aug 7, 2024
1 parent d7fa9cb commit 99d2a25
Show file tree
Hide file tree
Showing 3 changed files with 18 additions and 13 deletions.
18 changes: 11 additions & 7 deletions ydb/core/fq/libs/control_plane_proxy/actors/query_utils.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -125,8 +125,10 @@ TMaybe<TString> CreateSecretObjectQuery(const FederatedQuery::ConnectionSetting&

TString CreateAuthParamsQuery(const FederatedQuery::ConnectionSetting& setting,
const TString& name,
const TSigner::TPtr& signer) {
const TSigner::TPtr& signer,
const TString& scope) {
using namespace fmt::literals;
const TString folderId = NYdb::NFq::TScope{scope}.ParseFolder();
auto authMethod = GetYdbComputeAuthMethod(setting);
switch (authMethod) {
case EYdbComputeAuth::UNKNOWN:
Expand All @@ -142,7 +144,7 @@ TString CreateAuthParamsQuery(const FederatedQuery::ConnectionSetting& setting,
)",
"auth_method"_a = ToString(authMethod),
"service_account_id"_a = EncloseAndEscapeString(ExtractServiceAccountId(setting), '"'),
"sa_secret_name"_a = EncloseAndEscapeString(signer ? "k1" + name : TString{}, '"'));
"sa_secret_name"_a = EncloseAndEscapeString(signer ? TStringBuilder{} << "f1_" << folderId << name : TString{}, '"'));
case EYdbComputeAuth::BASIC:
return fmt::format(
R"(,
Expand All @@ -152,7 +154,7 @@ TString CreateAuthParamsQuery(const FederatedQuery::ConnectionSetting& setting,
)",
"auth_method"_a = ToString(authMethod),
"login"_a = EncloseAndEscapeString(GetLogin(setting).GetOrElse({}), '"'),
"password_secret_name"_a = EncloseAndEscapeString("k2" + name, '"'));
"password_secret_name"_a = EncloseAndEscapeString(TStringBuilder{} << "f2_" << folderId << name, '"'));
case EYdbComputeAuth::MDB_BASIC:
return fmt::format(
R"(,
Expand All @@ -164,17 +166,18 @@ TString CreateAuthParamsQuery(const FederatedQuery::ConnectionSetting& setting,
)",
"auth_method"_a = ToString(authMethod),
"service_account_id"_a = EncloseAndEscapeString(ExtractServiceAccountId(setting), '"'),
"sa_secret_name"_a = EncloseAndEscapeString(signer ? "k1" + name : TString{}, '"'),
"sa_secret_name"_a = EncloseAndEscapeString(signer ? TStringBuilder{} << "f1_" << folderId << name : TString{}, '"'),
"login"_a = EncloseAndEscapeString(GetLogin(setting).GetOrElse({}), '"'),
"password_secret_name"_a = EncloseAndEscapeString("k2" + name, '"'));
"password_secret_name"_a = EncloseAndEscapeString(TStringBuilder{} << "f2_" << folderId << name, '"'));
}
}

TString MakeCreateExternalDataSourceQuery(
const FederatedQuery::ConnectionContent& connectionContent,
const TSigner::TPtr& signer,
const NConfig::TCommonConfig& common,
bool replaceIfExists) {
bool replaceIfExists,
const TString& scope) {
using namespace fmt::literals;

TString properties;
Expand Down Expand Up @@ -281,7 +284,8 @@ TString MakeCreateExternalDataSourceQuery(
"auth_params"_a =
CreateAuthParamsQuery(connectionContent.setting(),
connectionContent.name(),
signer));
signer,
scope));
}

TMaybe<TString> DropSecretObjectQuery(const TString& name, const TString& scope) {
Expand Down
3 changes: 2 additions & 1 deletion ydb/core/fq/libs/control_plane_proxy/actors/query_utils.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,8 @@ TString MakeCreateExternalDataSourceQuery(
const FederatedQuery::ConnectionContent& connectionContent,
const TSigner::TPtr& signer,
const NConfig::TCommonConfig& common,
bool replaceIfExists);
bool replaceIfExists,
const TString& scope);

TString MakeDeleteExternalDataSourceQuery(const TString& sourceName);

Expand Down
10 changes: 5 additions & 5 deletions ydb/core/fq/libs/control_plane_proxy/actors/ydb_schema_query_actor.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -605,7 +605,7 @@ IActor* MakeCreateConnectionActor(
statements.push_back(TSchemaQueryTask{
.SQL = MakeCreateExternalDataSourceQuery(
connectionContent, signer, commonConfig,
computeConfig.IsReplaceIfExistsSyntaxSupported()),
computeConfig.IsReplaceIfExistsSyntaxSupported(), scope),
.ScheduleErrorRecoverySQLGeneration =
withoutRollback
? NoRecoverySQLGeneration()
Expand Down Expand Up @@ -687,7 +687,7 @@ IActor* MakeModifyConnectionActor(

statements.push_back(TSchemaQueryTask{
.SQL = MakeCreateExternalDataSourceQuery(
newConnectionContent, signer, commonConfig, replaceSupported)});
newConnectionContent, signer, commonConfig, replaceSupported, scope)});
return statements;
}

Expand Down Expand Up @@ -716,7 +716,7 @@ IActor* MakeModifyConnectionActor(
statements.push_back(TSchemaQueryTask{
.SQL = TString{MakeDeleteExternalDataSourceQuery(oldConnectionContent.name())},
.RollbackSQL = TString{MakeCreateExternalDataSourceQuery(
oldConnectionContent, signer, commonConfig, false)},
oldConnectionContent, signer, commonConfig, false, scope)},
.ShouldSkipStepOnError = IsPathDoesNotExistIssue});

if (dropOldSecret) {
Expand All @@ -735,7 +735,7 @@ IActor* MakeModifyConnectionActor(

statements.push_back(
TSchemaQueryTask{.SQL = TString{MakeCreateExternalDataSourceQuery(
newConnectionContent, signer, commonConfig, false)},
newConnectionContent, signer, commonConfig, false, scope)},
.RollbackSQL = TString{MakeDeleteExternalDataSourceQuery(
newConnectionContent.name())}});

Expand Down Expand Up @@ -800,7 +800,7 @@ IActor* MakeDeleteConnectionActor(
TSchemaQueryTask{.SQL = TString{MakeDeleteExternalDataSourceQuery(
connectionContent.name())},
.RollbackSQL = MakeCreateExternalDataSourceQuery(
connectionContent, signer, commonConfig, false),
connectionContent, signer, commonConfig, false, scope),
.ShouldSkipStepOnError = IsPathDoesNotExistIssue}};
if (dropSecret) {
statements.push_back(
Expand Down

0 comments on commit 99d2a25

Please sign in to comment.