search

mozilla / lookml-generator

LookML Generator for Glean and Mozilla Data
https://mozilla.github.io/lookml-generator/generator.html
Mozilla Public License 2.0
15 stars 17 forks source link

`google.api_core.exceptions.Forbidden: 403 GET https://bigquery.googleapis.com/bigquery/v2/projects/mozdata/datasets/casa/tables/projects?prettyPrint=false: Access Denied: Table mozdata:casa.projects: Permission bigquery.tables.get denied on table mozdata:casa.projects (or it may not exist).` #668

Open ncalexan opened 1 year ago

ncalexan commented 1 year ago

I am a "regular" Mozilla LDAP holder, with no special BigQuery privileges (that I am aware of). I would like to be able to work on lookml-generator. But more than that, I think it's important that "regular" Mozilla employees can at least try to run the tooling without additional gatekeepers granting rights.

I think that casa here actually refers to a non-public data source, so perhaps all that is needed is clear instructions on how to only generate things that are public?

(venv) nalexander@proto ~/M/lookml-generator (main)> time ./bin/generator lookml
Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/Users/nalexander/Mozilla/lookml-generator/generator/__init__.py", line 35, in cli
    group(prog_name=prog_name)
  File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/click/core.py", line 1130, in __call__
    return self.main(*args, **kwargs)
  File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/click/core.py", line 1055, in main
    rv = self.invoke(ctx)
  File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/click/core.py", line 1657, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/click/core.py", line 1404, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/click/core.py", line 760, in invoke
    return __callback(*args, **kwargs)
  File "/Users/nalexander/Mozilla/lookml-generator/generator/lookml.py", line 167, in lookml
    return _lookml(namespaces, glean_apps, target_dir)
  File "/Users/nalexander/Mozilla/lookml-generator/generator/lookml.py", line 121, in _lookml
    for view_path in _generate_views(client, view_dir, views, v1_name):
  File "/Users/nalexander/Mozilla/lookml-generator/generator/lookml.py", line 34, in _generate_views
    lookml = view.to_lookml(client, v1_name)
  File "/Users/nalexander/Mozilla/lookml-generator/generator/views/table_view.py", line 66, in to_lookml
    dimensions = lookml_utils._generate_dimensions(bq_client, table)
  File "/Users/nalexander/Mozilla/lookml-generator/generator/views/lookml_utils.py", line 118, in _generate_dimensions
    for dimension in _generate_dimensions_helper(client.get_table(table).schema):
  File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/google/cloud/bigquery/client.py", line 1065, in get_table
    api_response = self._call_api(
  File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/google/cloud/bigquery/client.py", line 813, in _call_api
    return call()
  File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/google/api_core/retry.py", line 286, in retry_wrapped_func
    return retry_target(
  File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/google/api_core/retry.py", line 189, in retry_target
    return target()
  File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/google/cloud/_http/__init__.py", line 494, in api_request
    raise exceptions.from_http_response(response)
google.api_core.exceptions.Forbidden: 403 GET https://bigquery.googleapis.com/bigquery/v2/projects/mozdata/datasets/casa/tables/projects?prettyPrint=false: Access Denied: Table mozdata:casa.projects: Permission bigquery.tables.get denied on table mozdata:casa.projects (or it may not exist).

┆Issue is synchronized with this Jira Task

ncalexan commented 1 year ago

I was able to get around this by hand-trimming namespaces.yaml to the one that I cared about. Perhaps the right thing to do is to: