Google Cloud SQL MySQL Connector (#4949)

Co-authored-by: Adrian Galvan <adrian@ethyca.com>

.github/workflows/backend_checks.yml

@@ -337,23 +337,27 @@ jobs:
 
       - name: Integration Tests (External)
         env:
-          BIGQUERY_KEYFILE_CREDS: ${{ secrets.BIGQUERY_KEYFILE_CREDS }}
           BIGQUERY_DATASET: fidesopstest
-          DYNAMODB_REGION: ${{ secrets.DYNAMODB_REGION }}
+          BIGQUERY_KEYFILE_CREDS: ${{ secrets.BIGQUERY_KEYFILE_CREDS }}
           DYNAMODB_ACCESS_KEY_ID: ${{ secrets.DYNAMODB_ACCESS_KEY_ID }}
           DYNAMODB_ACCESS_KEY: ${{ secrets.DYNAMODB_ACCESS_KEY }}
+          DYNAMODB_REGION: ${{ secrets.DYNAMODB_REGION }}
+          GOOGLE_CLOUD_SQL_MYSQL_DB_IAM_USER: ${{ secrets.GOOGLE_CLOUD_SQL_MYSQL_DB_IAM_USER }}
+          GOOGLE_CLOUD_SQL_MYSQL_INSTANCE_CONNECTION_NAME: ${{ secrets.GOOGLE_CLOUD_SQL_MYSQL_INSTANCE_CONNECTION_NAME }}
+          GOOGLE_CLOUD_SQL_MYSQL_DATABASE_NAME: ${{ secrets.GOOGLE_CLOUD_SQL_MYSQL_DATABASE_NAME }}
+          GOOGLE_CLOUD_SQL_MYSQL_KEYFILE_CREDS: ${{ secrets.GOOGLE_CLOUD_SQL_MYSQL_KEYFILE_CREDS }}
+          REDSHIFT_TEST_DATABASE: ${{ secrets.REDSHIFT_TEST_DATABASE }}
+          REDSHIFT_TEST_DB_SCHEMA: ${{ secrets.REDSHIFT_TEST_DB_SCHEMA }}
           REDSHIFT_TEST_HOST: ${{ secrets.REDSHIFT_TEST_HOST }}
+          REDSHIFT_TEST_PASSWORD: ${{ secrets.REDSHIFT_TEST_PASSWORD }}
           REDSHIFT_TEST_PORT: ${{ secrets.REDSHIFT_TEST_PORT }}
           REDSHIFT_TEST_USER: ${{ secrets.REDSHIFT_TEST_USER }}
-          REDSHIFT_TEST_PASSWORD: ${{ secrets.REDSHIFT_TEST_PASSWORD }}
-          REDSHIFT_TEST_DATABASE: ${{ secrets.REDSHIFT_TEST_DATABASE }}
-          REDSHIFT_TEST_DB_SCHEMA: ${{ secrets.REDSHIFT_TEST_DB_SCHEMA }}
           SNOWFLAKE_TEST_ACCOUNT_IDENTIFIER: ${{ secrets.SNOWFLAKE_TEST_ACCOUNT_IDENTIFIER }}
-          SNOWFLAKE_TEST_USER_LOGIN_NAME: ${{ secrets.SNOWFLAKE_TEST_USER_LOGIN_NAME }}
-          SNOWFLAKE_TEST_PASSWORD: ${{ secrets.SNOWFLAKE_TEST_PASSWORD }}
-          SNOWFLAKE_TEST_WAREHOUSE_NAME: ${{ secrets.SNOWFLAKE_TEST_WAREHOUSE_NAME }}
           SNOWFLAKE_TEST_DATABASE_NAME: ${{ secrets.SNOWFLAKE_TEST_DATABASE_NAME }}
+          SNOWFLAKE_TEST_PASSWORD: ${{ secrets.SNOWFLAKE_TEST_PASSWORD }}
           SNOWFLAKE_TEST_SCHEMA_NAME: ${{ secrets.SNOWFLAKE_TEST_SCHEMA_NAME }}
+          SNOWFLAKE_TEST_USER_LOGIN_NAME: ${{ secrets.SNOWFLAKE_TEST_USER_LOGIN_NAME }}
+          SNOWFLAKE_TEST_WAREHOUSE_NAME: ${{ secrets.SNOWFLAKE_TEST_WAREHOUSE_NAME }}
 
         run: nox -s "pytest(ops-external-datastores)"
 

CHANGELOG.md

@@ -27,6 +27,7 @@ The types of changes are:
 - Support for Limited FIDES__CELERY__* Env Vars [#4980](https://github.com/ethyca/fides/pull/4980)
 - Implement sending emails via property-specific messaging templates [#4950](https://github.com/ethyca/fides/pull/4950)
 - New privacy request search to replace existing endpoint [#4987](https://github.com/ethyca/fides/pull/4987)
+- Added new Google Cloud SQL for MySQL Connector [#4949](https://github.com/ethyca/fides/pull/4949)
 
 ### Changed
 - Move new data map reporting table out of beta and remove old table from Data Lineage map. [#4963](https://github.com/ethyca/fides/pull/4963)

clients/admin-ui/cypress/fixtures/connectors/connection_types.json

@@ -30,6 +30,12 @@
       "human_readable": "MySQL",
       "encoded_icon": null
     },
+    {
+      "identifier": "google_cloud_sql_mysql",
+      "type": "database",
+      "human_readable": "Google Cloud SQL for MySQL",
+      "encoded_icon": null
+    },
     {
       "identifier": "postgres",
       "type": "database",

clients/admin-ui/src/features/datastore-connections/constants.ts

@@ -39,6 +39,7 @@ export const CONNECTION_TYPE_LOGO_MAP = new Map<ConnectionType, string>([
   [ConnectionType.DYNAMODB, "dynamodb.svg"],
   [ConnectionType.GENERIC_CONSENT_EMAIL, "ethyca.svg"],
   [ConnectionType.GENERIC_ERASURE_EMAIL, "ethyca.svg"],
+  [ConnectionType.GOOGLE_CLOUD_SQL_MYSQL, "google_cloud_sql.svg"],
   [ConnectionType.MANUAL_WEBHOOK, "manual_webhook.svg"],
   [ConnectionType.MARIADB, "mariadb.svg"],
   [ConnectionType.MONGODB, "mongodb.svg"],

clients/admin-ui/src/types/api/models/ConnectionType.ts

@@ -27,4 +27,5 @@ export enum ConnectionType {
   SCYLLA = "scylla",
   GENERIC_ERASURE_EMAIL = "generic_erasure_email",
   GENERIC_CONSENT_EMAIL = "generic_consent_email",
+  GOOGLE_CLOUD_SQL_MYSQL = "google_cloud_sql_mysql",
 }

data/dataset/google_cloud_sql_mysql_example_test_dataset.yml

@@ -0,0 +1,210 @@
+dataset:
+  - fides_key: google_cloud_sql_mysql_example_test_dataset
+    name: Google Cloud SQL for MySQL Example Test Dataset
+    description: Example of a Google Cloud SQL MySQL dataset containing a variety of related tables like customers, products, addresses, etc.
+    collections:
+      - name: address
+        fields:
+          - name: city
+            data_categories: [user.contact.address.city]
+          - name: house
+            data_categories: [user.contact.address.street]
+          - name: id
+            data_categories: [system.operations]
+            fides_meta:
+              primary_key: True
+          - name: state
+            data_categories: [user.contact.address.state]
+          - name: street
+            data_categories: [user.contact.address.street]
+          - name: zip
+            data_categories: [user.contact.address.postal_code]
+
+      - name: customer
+        fields:
+          - name: address_id
+            data_categories: [system.operations]
+            fides_meta:
+              references:
+                - dataset: google_cloud_sql_mysql_example_test_dataset
+                  field: address.id
+                  direction: to
+          - name: created
+            data_categories: [system.operations]
+          - name: email
+            data_categories: [user.contact.email]
+            fides_meta:
+              identity: email
+              data_type: string
+          - name: id
+            data_categories: [user.unique_id]
+            fides_meta:
+              primary_key: True
+          - name: name
+            data_categories: [user.name]
+
+      - name: employee
+        fields:
+          - name: address_id
+            data_categories: [system.operations]
+            fides_meta:
+              references:
+                - dataset: google_cloud_sql_mysql_example_test_dataset
+                  field: address.id
+                  direction: to
+          - name: email
+            data_categories: [user.contact.email]
+            fides_meta:
+              identity: email
+              data_type: string
+          - name: id
+            data_categories: [user.unique_id]
+            fides_meta:
+              primary_key: True
+          - name: name
+            data_categories: [user.name]
+
+      - name: login
+        fields:
+          - name: customer_id
+            data_categories: [user.unique_id]
+            fides_meta:
+              references:
+                - dataset: google_cloud_sql_mysql_example_test_dataset
+                  field: customer.id
+                  direction: from
+          - name: id
+            data_categories: [system.operations]
+          - name: time
+            data_categories: [user.sensor]
+
+      - name: orders
+        fields:
+          - name: customer_id
+            data_categories: [user.unique_id]
+            fides_meta:
+              references:
+                - dataset: google_cloud_sql_mysql_example_test_dataset
+                  field: customer.id
+                  direction: from
+          - name: id
+            data_categories: [system.operations]
+            fides_meta:
+              primary_key: True
+          - name: shipping_address_id
+            data_categories: [system.operations]
+            fides_meta:
+              references:
+                - dataset: google_cloud_sql_mysql_example_test_dataset
+                  field: address.id
+                  direction: to
+
+      # order_item
+      - name: order_item
+        fields:
+          - name: order_id
+            data_categories: [system.operations]
+            fides_meta:
+              references:
+                - dataset: google_cloud_sql_mysql_example_test_dataset
+                  field: orders.id
+                  direction: from
+          - name: product_id
+            data_categories: [system.operations]
+            fides_meta:
+              references:
+                - dataset: google_cloud_sql_mysql_example_test_dataset
+                  field: product.id
+                  direction: to
+          - name: quantity
+            data_categories: [system.operations]
+
+      - name: payment_card
+        fields:
+          - name: billing_address_id
+            data_categories: [system.operations]
+            fides_meta:
+              references:
+                - dataset: google_cloud_sql_mysql_example_test_dataset
+                  field: address.id
+                  direction: to
+          - name: ccn
+            data_categories: [user.financial.bank_account]
+          - name: code
+            data_categories: [user.financial]
+          - name: customer_id
+            data_categories: [user.unique_id]
+            fides_meta:
+              references:
+                - dataset: google_cloud_sql_mysql_example_test_dataset
+                  field: customer.id
+                  direction: from
+          - name: id
+            data_categories: [system.operations]
+          - name: name
+            data_categories: [user.financial]
+          - name: preferred
+            data_categories: [user]
+
+      - name: product
+        fields:
+          - name: id
+            data_categories: [system.operations]
+          - name: name
+            data_categories: [system.operations]
+          - name: price
+            data_categories: [system.operations]
+
+      - name: report
+        fields:
+          - name: email
+            data_categories: [user.contact.email]
+            fides_meta:
+              identity: email
+              data_type: string
+          - name: id
+            data_categories: [system.operations]
+          - name: month
+            data_categories: [system.operations]
+          - name: name
+            data_categories: [system.operations]
+          - name: total_visits
+            data_categories: [system.operations]
+          - name: year
+            data_categories: [system.operations]
+
+      - name: service_request
+        fields:
+          - name: alt_email
+            data_categories: [user.contact.email]
+            fides_meta:
+              identity: email
+              data_type: string
+          - name: closed
+            data_categories: [system.operations]
+          - name: email
+            data_categories: [system.operations]
+            fides_meta:
+              identity: email
+              data_type: string
+          - name: employee_id
+            data_categories: [user.unique_id]
+            fides_meta:
+              references:
+                - dataset: google_cloud_sql_mysql_example_test_dataset
+                  field: employee.id
+                  direction: from
+          - name: id
+            data_categories: [system.operations]
+          - name: opened
+            data_categories: [system.operations]
+
+      - name: visit
+        fields:
+          - name: email
+            data_categories: [user.contact.email]
+            fides_meta:
+              identity: email
+              data_type: string
+          - name: last_visit
+            data_categories: [system.operations]

noxfiles/run_infrastructure.py

@@ -44,6 +44,12 @@
         "DYNAMODB_ACCESS_KEY_ID",
         "DYNAMODB_ACCESS_KEY",
     ],
+    "google_cloud_sql_mysql": [
+        "GOOGLE_CLOUD_SQL_MYSQL_DB_IAM_USER",
+        "GOOGLE_CLOUD_SQL_MYSQL_INSTANCE_CONNECTION_NAME",
+        "GOOGLE_CLOUD_SQL_MYSQL_DATABASE_NAME",
+        "GOOGLE_CLOUD_SQL_MYSQL_KEYFILE_CREDS",
+    ],
 }
 EXTERNAL_DATASTORES = list(EXTERNAL_DATASTORE_CONFIG.keys())
 ALL_DATASTORES = DOCKERFILE_DATASTORES + EXTERNAL_DATASTORES

noxfiles/setup_tests_nox.py

@@ -157,6 +157,14 @@ def pytest_ops(session: Session, mark: str, coverage_arg: str) -> None:
             "-e",
             "BIGQUERY_DATASET",
             "-e",
+            "GOOGLE_CLOUD_SQL_MYSQL_DB_IAM_USER",
+            "-e",
+            "GOOGLE_CLOUD_SQL_MYSQL_INSTANCE_CONNECTION_NAME",
+            "-e",
+            "GOOGLE_CLOUD_SQL_MYSQL_DATABASE_NAME",
+            "-e",
+            "GOOGLE_CLOUD_SQL_MYSQL_KEYFILE_CREDS",
+            "-e",
             "DYNAMODB_REGION",
             "-e",
             "DYNAMODB_ACCESS_KEY_ID",

pyproject.toml

@@ -47,27 +47,28 @@ module = [
   "fideslog.*",
   "firebase_admin.*",
   "google.api_core.*",
-  "nh3.*",
   "joblib.*",
   "jose.*",
   "jwt.*",
   "multidimensional_urlencode.*",
   "networkx.*",
+  "nh3.*",
   "okta.*",
   "pandas.*",
   "plotly.*",
   "pydash.*",
+  "pygtrie.*",
   "pymongo.*",
+  "pymysql.*",
   "RestrictedPython.*",
   "sendgrid.*",
   "snowflake.*",
+  "sqlalchemy_utils.*",
   "sqlalchemy.ext.*",
   "sqlalchemy.future.*",
-  "sqlalchemy_utils.*",
   "twilio.*",
   "uvicorn.*",
   "validators.*",
-  "pygtrie.*",
 ]
 ignore_missing_imports = true
 
@@ -185,6 +186,7 @@ markers = [
     "integration_postgres",
     "integration_mongodb",
     "integration_mssql",
+    "integration_google_cloud_sql_mysql",
     "integration_redshift",
     "integration_snowflake",
     "integration_mariadb",

requirements.txt

@@ -5,8 +5,9 @@ APScheduler==3.9.1.post1
 asyncpg==0.27.0
 boto3==1.26.1
 celery[pytest]==5.2.7
+cloud-sql-python-connector==1.9.2
 colorama>=0.4.3
-cryptography==38.0.3
+cryptography==42.0.0
 dask==2022.9.2
 deepdiff==6.3.0
 defusedxml==0.7.1