search

databricks / terraform-provider-databricks

Databricks Terraform Provider
https://registry.terraform.io/providers/databricks/databricks/latest
Other
456 stars 393 forks source link

[Fix] Tolerate `databricks_permissions` resources for SQL warehouses with `/warehouses/...` IDs #4158

Closed mgyucht closed 3 weeks ago

mgyucht commented 4 weeks ago

Changes

4143 reported a regression to the databricks_permissions resource caused by https://github.com/databricks/terraform-provider-databricks/pull/3956. Normally, the ID for this resource when configured for a SQL warehouse is /sql/warehouses/<ID>. However, it seems like at some point in the past, some users may have had an ID of /warehouses/<ID>. It's possible that importing this resource worked like this: when calling the permissions REST API, whether using object type sql/warehouses or warehouses, the API returns permissions for the same resources:

15:13:01 DEBUG GET /api/2.0/permissions/sql/warehouses/<ID>
< HTTP/2.0 200 OK
< {
<   "access_control_list": [
<     {
<       "all_permissions": [
<         {
<           "inherited": false,
<           "permission_level": "IS_OWNER"
<         }
<       ],
<       "display_name": "<ME>",
<       "user_name": "<ME>"
<     },
<     {
<       "all_permissions": [
<         {
<           "inherited": true,
<           "inherited_from_object": [
<             "/sql/warehouses/"
<           ],
<           "permission_level": "CAN_MANAGE"
<         }
<       ],
<       "group_name": "admins"
<     }
<   ],
<   "object_id": "/sql/warehouses/<ID>",
<   "object_type": "warehouses"
< } pid=53287 sdk=true
...
15:12:56 DEBUG GET /api/2.0/permissions/warehouses/<ID>
< HTTP/2.0 200 OK
< {
<   "access_control_list": [
<     {
<       "all_permissions": [
<         {
<           "inherited": false,
<           "permission_level": "IS_OWNER"
<         }
<       ],
<       "display_name": "<ME>",
<       "user_name": "<ME>"
<     },
<     {
<       "all_permissions": [
<         {
<           "inherited": true,
<           "inherited_from_object": [
<             "/sql/warehouses/"
<           ],
<           "permission_level": "CAN_MANAGE"
<         }
<       ],
<       "group_name": "admins"
<     }
<   ],
<   "object_id": "/sql/warehouses/<ID>",
<   "object_type": "warehouses"
< } pid=53248 sdk=true

This PR modifies the SQL warehouse configuration for databricks_permissions to be chosen for instances with an ID of the form /warehouses/....

Tests

The additional integration test ensures that a resource can be imported with the /warehouses/<ID> format.

eng-dev-ecosystem-bot commented 4 weeks ago

Test Details: go/deco-tests/11518956399