`google.api_core.exceptions.Forbidden: 403 GET https://bigquery.googleapis.com/bigquery/v2/projects/mozdata/datasets/casa/tables/projects?prettyPrint=false: Access Denied: Table mozdata:casa.projects: Permission bigquery.tables.get denied on table mozdata:casa.projects (or it may not exist).` #668
I am a "regular" Mozilla LDAP holder, with no special BigQuery privileges (that I am aware of). I would like to be able to work on lookml-generator. But more than that, I think it's important that "regular" Mozilla employees can at least try to run the tooling without additional gatekeepers granting rights.
I think that casa here actually refers to a non-public data source, so perhaps all that is needed is clear instructions on how to only generate things that are public?
(venv) nalexander@proto ~/M/lookml-generator (main)> time ./bin/generator lookml
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/Users/nalexander/Mozilla/lookml-generator/generator/__init__.py", line 35, in cli
group(prog_name=prog_name)
File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/click/core.py", line 1130, in __call__
return self.main(*args, **kwargs)
File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/click/core.py", line 1055, in main
rv = self.invoke(ctx)
File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/click/core.py", line 1657, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/click/core.py", line 1404, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/click/core.py", line 760, in invoke
return __callback(*args, **kwargs)
File "/Users/nalexander/Mozilla/lookml-generator/generator/lookml.py", line 167, in lookml
return _lookml(namespaces, glean_apps, target_dir)
File "/Users/nalexander/Mozilla/lookml-generator/generator/lookml.py", line 121, in _lookml
for view_path in _generate_views(client, view_dir, views, v1_name):
File "/Users/nalexander/Mozilla/lookml-generator/generator/lookml.py", line 34, in _generate_views
lookml = view.to_lookml(client, v1_name)
File "/Users/nalexander/Mozilla/lookml-generator/generator/views/table_view.py", line 66, in to_lookml
dimensions = lookml_utils._generate_dimensions(bq_client, table)
File "/Users/nalexander/Mozilla/lookml-generator/generator/views/lookml_utils.py", line 118, in _generate_dimensions
for dimension in _generate_dimensions_helper(client.get_table(table).schema):
File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/google/cloud/bigquery/client.py", line 1065, in get_table
api_response = self._call_api(
File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/google/cloud/bigquery/client.py", line 813, in _call_api
return call()
File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/google/api_core/retry.py", line 286, in retry_wrapped_func
return retry_target(
File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/google/api_core/retry.py", line 189, in retry_target
return target()
File "/Users/nalexander/Mozilla/lookml-generator/venv/lib/python3.10/site-packages/google/cloud/_http/__init__.py", line 494, in api_request
raise exceptions.from_http_response(response)
google.api_core.exceptions.Forbidden: 403 GET https://bigquery.googleapis.com/bigquery/v2/projects/mozdata/datasets/casa/tables/projects?prettyPrint=false: Access Denied: Table mozdata:casa.projects: Permission bigquery.tables.get denied on table mozdata:casa.projects (or it may not exist).
I am a "regular" Mozilla LDAP holder, with no special BigQuery privileges (that I am aware of). I would like to be able to work on
lookml-generator
. But more than that, I think it's important that "regular" Mozilla employees can at least try to run the tooling without additional gatekeepers granting rights.I think that
casa
here actually refers to a non-public data source, so perhaps all that is needed is clear instructions on how to only generate things that are public?┆Issue is synchronized with this Jira Task