Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sql, server: add new system privileges for observability #85280

Merged
merged 1 commit into from
Aug 9, 2022
Merged

sql, server: add new system privileges for observability #85280

merged 1 commit into from
Aug 9, 2022

Conversation

Santamaura
Copy link
Contributor

@Santamaura Santamaura commented Jul 28, 2022
edited
Loading

This patch introduces 2 new system privileges
VIEWDEBUG and VIEWCLUSTERMETADATA. VIEWDEBUG
will now be used to gate taking traces and viewing
debug endpoints. VIEWCLUSTERMETADATA will now be
used to gate the node and range reports.

Resolves #83844, #83856, #83857, #83858, #83861

Release note (sql change): add VIEWDEBUG and
VIEWCLUSTERMETADATA system privileges.

@cockroach-teamcity
Copy link
Member

This change is Reviewable

@Santamaura Santamaura changed the title sql, server: add new builtin roles and system privileges sql, server: add new builtin roles and system privileges for observability Jul 28, 2022
@Santamaura Santamaura force-pushed the new-obs-privileges-roles branch 15 times, most recently from 3bccb5e to fb679c4 Compare August 3, 2022 13:41
@Santamaura Santamaura requested review from koorosh, zachlite, RichardJCai and a team August 3, 2022 13:42
@Santamaura
Copy link
Contributor Author

Santamaura commented Aug 3, 2022
edited
Loading

Some tests that don't seem related seem to fail so might be missing something re: adding the new builtin roles.

Edit: irrelevant now

@Santamaura Santamaura marked this pull request as ready for review August 3, 2022 13:43
@Santamaura Santamaura requested review from a team August 3, 2022 13:43
@Santamaura Santamaura requested review from a team as code owners August 3, 2022 13:43
@Santamaura Santamaura requested a review from rhu713 August 3, 2022 13:43
@Santamaura Santamaura marked this pull request as draft August 3, 2022 16:22
@Santamaura Santamaura force-pushed the new-obs-privileges-roles branch 3 times, most recently from 080a490 to cc5f81e Compare August 4, 2022 15:19
@shermanCRL shermanCRL requested a review from adityamaru August 4, 2022 15:20
@Santamaura Santamaura changed the title sql, server: add new builtin roles and system privileges for observability sql, server: add new system privileges for observability Aug 4, 2022
@Santamaura Santamaura force-pushed the new-obs-privileges-roles branch from cc5f81e to 3f7d07c Compare August 4, 2022 15:26
@Santamaura Santamaura marked this pull request as ready for review August 4, 2022 15:39
@Santamaura Santamaura force-pushed the new-obs-privileges-roles branch from 3f7d07c to 8cf565d Compare August 8, 2022 20:51
RichardJCai
RichardJCai reviewed Aug 8, 2022
View reviewed changes
Copy link
Contributor

@RichardJCai RichardJCai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM other than nit about error message in version gate. We should return the old error message about admin user

pkg/server/admin.go Outdated
if c.st.Version.IsActive(ctx, clusterversion.SystemPrivilegesTable) {
hasViewClusterMetadata = c.checkHasSystemPrivilege(ctx, userName, privilege.VIEWCLUSTERMETADATA)
}
if !hasViewClusterMetadata {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this should go into the IsActive since if it's not active, we can't actually grant VIEWCLUSTERMETADATA

pkg/server/admin.go Outdated
if c.st.Version.IsActive(ctx, clusterversion.SystemPrivilegesTable) {
hasViewDebug = c.checkHasSystemPrivilege(ctx, userName, privilege.VIEWDEBUG)
}
if !hasViewDebug {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ditto

@Santamaura
sql, server: add new system privileges
71f0298 
for observability

This patch introduces 2 new system privileges
VIEWDEBUG and VIEWCLUSTERMETADATA. VIEWDEBUG
will now be used to gate taking traces and viewing
debug endpoints. VIEWCLUSTERMETADATA will now be
used to gate the node and range reports.

Resolves cockroachdb#83844, cockroachdb#83856, cockroachdb#83857, cockroachdb#83858, cockroachdb#83861

Release note (sql change): add VIEWDEBUG and
VIEWCLUSTERMETADATA system privileges.
@Santamaura Santamaura force-pushed the new-obs-privileges-roles branch from 8cf565d to 71f0298 Compare August 9, 2022 14:14
Santamaura
Santamaura commented Aug 9, 2022
View reviewed changes
Copy link
Contributor Author

@Santamaura Santamaura left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ack

Reviewable status: :shipit: complete! 0 of 0 LGTMs obtained (waiting on @adityamaru, @koorosh, @rhu713, @RichardJCai, and @zachlite)

pkg/server/admin.go line 3563 at r2 (raw file):

Previously, RichardJCai (Richard Cai) wrote…

I think this should go into the IsActive since if it's not active, we can't actually grant VIEWCLUSTERMETADATA

Done

pkg/server/admin.go line 3584 at r2 (raw file):

Previously, RichardJCai (Richard Cai) wrote…

Ditto

Done

@Santamaura Santamaura requested a review from RichardJCai August 9, 2022 17:51
RichardJCai
RichardJCai approved these changes Aug 9, 2022
View reviewed changes
Copy link
Contributor

@RichardJCai RichardJCai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM modulo nits

RichardJCai
RichardJCai reviewed Aug 9, 2022
View reviewed changes
pkg/server/admin.go
codes.PermissionDenied, "this operation requires the %s system privilege",
privilege.VIEWDEBUG)
}
} else {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: don't need else, I think linter might complain about this too

RichardJCai
RichardJCai reviewed Aug 9, 2022
View reviewed changes
pkg/server/admin.go
codes.PermissionDenied, "this operation requires the %s system privilege",
privilege.VIEWCLUSTERMETADATA)
}
} else {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: don't need else, I think linter might complain about this too

Santamaura
Santamaura commented Aug 9, 2022
View reviewed changes
Copy link
Contributor Author

@Santamaura Santamaura left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewable status: :shipit: complete! 0 of 0 LGTMs obtained (waiting on @adityamaru, @koorosh, @rhu713, @RichardJCai, @Santamaura, and @zachlite)

pkg/server/admin.go line 3565 at r3 (raw file):

Previously, RichardJCai (Richard Cai) wrote…

nit: don't need else, I think linter might complain about this too

@RichardJCai wouldn't we need the else, if the user doesn't have admin but has the privilege it would hit the admin error without the else right?

RichardJCai
RichardJCai reviewed Aug 9, 2022
View reviewed changes
Copy link
Contributor

@RichardJCai RichardJCai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewable status: :shipit: complete! 0 of 0 LGTMs obtained (waiting on @adityamaru, @koorosh, @rhu713, @RichardJCai, @Santamaura, and @zachlite)

pkg/server/admin.go line 3565 at r3 (raw file):

Previously, Santamaura (Alex Santamaura) wrote…

@RichardJCai wouldn't we need the else, if the user doesn't have admin but has the privilege it would hit the admin error without the else right?

I meant we can return without the else.

Santamaura
Santamaura commented Aug 9, 2022
View reviewed changes
Copy link
Contributor Author

@Santamaura Santamaura left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewable status: :shipit: complete! 0 of 0 LGTMs obtained (waiting on @adityamaru, @koorosh, @rhu713, @RichardJCai, @Santamaura, and @zachlite)

pkg/server/admin.go line 3565 at r3 (raw file):

Previously, RichardJCai (Richard Cai) wrote…

I meant we can return without the else.

I'm a kind of confused, if we omit the else the scenario I mentioned above will occur or am I going crazy?

RichardJCai
RichardJCai reviewed Aug 9, 2022
View reviewed changes
Copy link
Contributor

@RichardJCai RichardJCai left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewable status: :shipit: complete! 0 of 0 LGTMs obtained (waiting on @adityamaru, @koorosh, @rhu713, @RichardJCai, @Santamaura, and @zachlite)

pkg/server/admin.go line 3565 at r3 (raw file):

Previously, Santamaura (Alex Santamaura) wrote…

I'm a kind of confused, if we omit the else the scenario I mentioned above will occur or am I going crazy?

if {
   ...
   return ...
} else {
   return ...
}

is the same as just

if { 
  ...
  return ...
}
return ...

RichardJCai
RichardJCai reviewed Aug 9, 2022
View reviewed changes
Copy link
Contributor

@RichardJCai RichardJCai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewable status: :shipit: complete! 0 of 0 LGTMs obtained (waiting on @adityamaru, @koorosh, @rhu713, @RichardJCai, @Santamaura, and @zachlite)

pkg/server/admin.go line 3565 at r3 (raw file):

Previously, RichardJCai (Richard Cai) wrote…
if {
   ...
} else {
   return ...
}

is the same as just

if { 
  ...
}
return ...

Wait sorry I read the brackets wrong and there has to be a return in the if

@Santamaura
Copy link
Contributor Author

Per our async discussion I will go ahead and bors it

@Santamaura
Copy link
Contributor Author

bors r+

@craig
Copy link
Contributor

craig bot commented Aug 9, 2022

Build succeeded:

@craig craig bot merged commit 8bcd0cd into cockroachdb:master Aug 9, 2022
@cockroach-teamcity cockroach-teamcity mentioned this pull request Aug 9, 2022
Closed
@Santamaura Santamaura deleted the new-obs-privileges-roles branch August 10, 2022 14:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RichardJCai RichardJCai RichardJCai approved these changes

@koorosh koorosh Awaiting requested review from koorosh

@zachlite zachlite Awaiting requested review from zachlite

@rhu713 rhu713 Awaiting requested review from rhu713

@adityamaru adityamaru Awaiting requested review from adityamaru

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add new system privileges for specific operator actions
3 participants
@Santamaura @cockroach-teamcity @RichardJCai