-
Notifications
You must be signed in to change notification settings - Fork 384
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Exporter: generate references that are matching only to a prefix #1890
Conversation
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## master #1890 +/- ##
==========================================
- Coverage 90.18% 90.04% -0.15%
==========================================
Files 143 143
Lines 11427 11456 +29
==========================================
+ Hits 10305 10315 +10
- Misses 712 730 +18
- Partials 410 411 +1
|
Exporter now detects Spark conf and environment variables values that are references to secrets (the `{{secrets/scope/secret}}` syntax) and emit a secret scope referenced there. P.S. It doesn't put explicit reference into the value, but it could be added after #1890 is merged (it will require addition of `substring` match type, but it's doable).
exporter/context.go
Outdated
if traversal != nil { | ||
if d.MatchType == "prefix" { // we're replacing the found prefix with the HCL reference using the "${reference}rest" syntax |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is it more complex if ic.Find
returns prefixed traversal?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you mean to generate tokens directly in the ic.Find
? yes, maybe it's good idea to isolate it there
Exporter now detects Spark conf and environment variables values that are references to secrets (the `{{secrets/scope/secret}}` syntax) and emit a secret scope referenced there. P.S. It doesn't put explicit reference into the value, but it could be added after #1890 is merged (it will require addition of `substring` match type, but it's doable).
There are cases when reference isn't a full match of a given value but a prefix of it. For example, user's notebook has a path of `/Users/user@domain/notebook`. To make it working correctly we need to emit user or service principal, and then make a correct reference with dependency on emitted user or notebook, like, `${databricks_user.user_domain.home}/notebook`. This PR adds a new field to dependency specification: `MatchType` that may have following values: - `prefix` - value of attribute of resource is a prefix of a given attribute - `exact` (or empty string) - must have exact matching (previous behaviour) this fixes #1777
2fbc1f7
to
3dca34d
Compare
# Version changelog ### 1.8.0 * Added support for GCP (Public Preview) with state upgraders for [databricks_mws_workspaces](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/mws_workspaces) ([#1871](#1871), [#1886](#1886), [#1748](#1748), [#1879](#1879)). * Added documentation for [databricks_permission_assignment](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/permission_assignment) ([#1880](#1880)). * Added `azure_attributes` to clusters in [databricks_pipeline](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/pipeline) resource ([#1854](#1854)). * Added [databricks_instance_pool](https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/instance_pool) data source ([#1907](#1907)). * Added [databricks_provider](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/provider) resource for Delta Sharing ([#1572](#1572)). * Added acceptance tests for [databricks_cluster](https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/cluster) data and [databricks_sql_endpoint](https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/sql_endpoint) data ([#1882](#1882)). * Added search by name for [databricks_cluster](https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/cluster) data source ([#1901](#1901)). * Added support for sparse checkouts in the [databricks_repo](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/repo) ([#1869](#1869)). * Added `config_reference` attribute to [databricks_secret](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/secret) for easier reference from Spark configuration ([#1898](#1898)). * Added `datarbicks_directory` data source ([#1902](#1902)). * Extended [databricks_catalog](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/catalog) resource to support Delta Sharing Catalog ([#1887](#1887)). * Improved [databricks_metastore_assignment](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/metastore_assignment) resource ([#1900](#1900)). * Improved [databricks_grants](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/grants) error messages ([#1888](#1888)). * Improved [databricks_group](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/group) documentation ([#1816](#1816)). * Improved `data_security_mode` documentation for [databricks_cluster](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/cluster) ([#1830](#1830)). * Replace the incorrect `id` attribute with the correct `sp_id` in service principal data source docs example ([#1873](#1873)). * Use NVMe disk size for selection in the [databricks_node_type](https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/node_type) data source ([#1856](#1856)). * Allowed to override resource ID for specific data source ([#1885](#1885)). Experimental Resource Exporter * Added command-line flag to export all users and service principals ([#1893](#1893)). * Added emit for secret scopes from Spark Conf and Env Vars ([#1897](#1897)). * Fixed issue with exporting of resources with simple name ([#1891](#1891)). * Generate references that are matching only to a prefix ([#1890](#1890)). * Updated list of supported services and associated resources ([#1894](#1894)). * Use [databricks_group_role](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/group_role) instead of deprecated [databricks_group_instance_profile](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/group_instance_profile) ([#1905](#1905)). * Use `dbfs_path` as reference for init scripts in clusters ([#1892](#1892)). * Logging improvements ([#1895](#1895)). Updated dependency versions: * Bump google.golang.org/api from 0.104.0 to 0.105.0 ([#1863](#1863)).
# Version changelog ### 1.8.0 * Added support for GCP (Public Preview) with state upgraders for [databricks_mws_workspaces](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/mws_workspaces) ([#1871](#1871), [#1886](#1886), [#1748](#1748), [#1879](#1879)). * Added documentation for [databricks_permission_assignment](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/permission_assignment) ([#1880](#1880)). * Added `azure_attributes` to clusters in [databricks_pipeline](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/pipeline) resource ([#1854](#1854)). * Added [databricks_instance_pool](https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/instance_pool) data source ([#1907](#1907)). * Added [databricks_provider](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/provider) resource for Delta Sharing ([#1572](#1572)). * Added acceptance tests for [databricks_cluster](https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/cluster) data and [databricks_sql_endpoint](https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/sql_endpoint) data ([#1882](#1882)). * Added search by name for [databricks_cluster](https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/cluster) data source ([#1901](#1901)). * Added support for sparse checkouts in the [databricks_repo](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/repo) ([#1869](#1869)). * Added `config_reference` attribute to [databricks_secret](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/secret) for easier reference from Spark configuration ([#1898](#1898)). * Added `datarbicks_directory` data source ([#1902](#1902)). * Extended [databricks_catalog](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/catalog) resource to support Delta Sharing Catalog ([#1887](#1887)). * Improved [databricks_metastore_assignment](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/metastore_assignment) resource ([#1900](#1900)). * Improved [databricks_grants](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/grants) error messages ([#1888](#1888)). * Improved [databricks_group](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/group) documentation ([#1816](#1816)). * Improved `data_security_mode` documentation for [databricks_cluster](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/cluster) ([#1830](#1830)). * Replace the incorrect `id` attribute with the correct `sp_id` in service principal data source docs example ([#1873](#1873)). * Use NVMe disk size for selection in the [databricks_node_type](https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/node_type) data source ([#1856](#1856)). * Allowed to override resource ID for specific data source ([#1885](#1885)). Experimental Resource Exporter * Added command-line flag to export all users and service principals ([#1893](#1893)). * Added emit for secret scopes from Spark Conf and Env Vars ([#1897](#1897)). * Fixed issue with exporting of resources with simple name ([#1891](#1891)). * Generate references that are matching only to a prefix ([#1890](#1890)). * Updated list of supported services and associated resources ([#1894](#1894)). * Use [databricks_group_role](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/group_role) instead of deprecated [databricks_group_instance_profile](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/group_instance_profile) ([#1905](#1905)). * Use `dbfs_path` as reference for init scripts in clusters ([#1892](#1892)). * Logging improvements ([#1895](#1895)). Updated dependency versions: * Bump google.golang.org/api from 0.104.0 to 0.105.0 ([#1863](#1863)).
…#1897) Exporter now detects Spark conf and environment variables values that are references to secrets (the `{{secrets/scope/secret}}` syntax) and emit a secret scope referenced there. P.S. It doesn't put explicit reference into the value, but it could be added after databricks#1890 is merged (it will require addition of `substring` match type, but it's doable).
…abricks#1890) * Exporter: generate references that are matching only to a prefix There are cases when reference isn't a full match of a given value but a prefix of it. For example, user's notebook has a path of `/Users/user@domain/notebook`. To make it working correctly we need to emit user or service principal, and then make a correct reference with dependency on emitted user or notebook, like, `${databricks_user.user_domain.home}/notebook`. This PR adds a new field to dependency specification: `MatchType` that may have following values: - `prefix` - value of attribute of resource is a prefix of a given attribute - `exact` (or empty string) - must have exact matching (previous behaviour) this fixes databricks#1777 * improving test coverage & emit user/sp for repos * Address PR feedback
# Version changelog ### 1.8.0 * Added support for GCP (Public Preview) with state upgraders for [databricks_mws_workspaces](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/mws_workspaces) ([databricks#1871](databricks#1871), [databricks#1886](databricks#1886), [databricks#1748](databricks#1748), [databricks#1879](databricks#1879)). * Added documentation for [databricks_permission_assignment](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/permission_assignment) ([databricks#1880](databricks#1880)). * Added `azure_attributes` to clusters in [databricks_pipeline](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/pipeline) resource ([databricks#1854](databricks#1854)). * Added [databricks_instance_pool](https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/instance_pool) data source ([databricks#1907](databricks#1907)). * Added [databricks_provider](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/provider) resource for Delta Sharing ([databricks#1572](databricks#1572)). * Added acceptance tests for [databricks_cluster](https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/cluster) data and [databricks_sql_endpoint](https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/sql_endpoint) data ([databricks#1882](databricks#1882)). * Added search by name for [databricks_cluster](https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/cluster) data source ([databricks#1901](databricks#1901)). * Added support for sparse checkouts in the [databricks_repo](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/repo) ([databricks#1869](databricks#1869)). * Added `config_reference` attribute to [databricks_secret](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/secret) for easier reference from Spark configuration ([databricks#1898](databricks#1898)). * Added `datarbicks_directory` data source ([databricks#1902](databricks#1902)). * Extended [databricks_catalog](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/catalog) resource to support Delta Sharing Catalog ([databricks#1887](databricks#1887)). * Improved [databricks_metastore_assignment](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/metastore_assignment) resource ([databricks#1900](databricks#1900)). * Improved [databricks_grants](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/grants) error messages ([databricks#1888](databricks#1888)). * Improved [databricks_group](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/group) documentation ([databricks#1816](databricks#1816)). * Improved `data_security_mode` documentation for [databricks_cluster](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/cluster) ([databricks#1830](databricks#1830)). * Replace the incorrect `id` attribute with the correct `sp_id` in service principal data source docs example ([databricks#1873](databricks#1873)). * Use NVMe disk size for selection in the [databricks_node_type](https://registry.terraform.io/providers/databricks/databricks/latest/docs/data-sources/node_type) data source ([databricks#1856](databricks#1856)). * Allowed to override resource ID for specific data source ([databricks#1885](databricks#1885)). Experimental Resource Exporter * Added command-line flag to export all users and service principals ([databricks#1893](databricks#1893)). * Added emit for secret scopes from Spark Conf and Env Vars ([databricks#1897](databricks#1897)). * Fixed issue with exporting of resources with simple name ([databricks#1891](databricks#1891)). * Generate references that are matching only to a prefix ([databricks#1890](databricks#1890)). * Updated list of supported services and associated resources ([databricks#1894](databricks#1894)). * Use [databricks_group_role](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/group_role) instead of deprecated [databricks_group_instance_profile](https://registry.terraform.io/providers/databricks/databricks/latest/docs/resources/group_instance_profile) ([databricks#1905](databricks#1905)). * Use `dbfs_path` as reference for init scripts in clusters ([databricks#1892](databricks#1892)). * Logging improvements ([databricks#1895](databricks#1895)). Updated dependency versions: * Bump google.golang.org/api from 0.104.0 to 0.105.0 ([databricks#1863](databricks#1863)).
There are cases when reference isn't a full match of a given value but a prefix of it. For example, user's notebook has a path of
/Users/user@domain/notebook
. To make it working correctly we need to emit user or service principal, and then make a correct reference with dependency on emitted user or notebook, like,${databricks_user.user_domain.home}/notebook
.This PR adds a new field to dependency specification:
MatchType
that may have following values:prefix
- value of attribute of resource is a prefix of a given attributeexact
(or empty string) - must have exact matching (previous behaviour)this fixes #1777