Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create storage credentials based on instance profiles and existing roles. #869

Merged
merged 31 commits into from
Feb 18, 2024
Merged

Create storage credentials based on instance profiles and existing roles. #869

merged 31 commits into from
Feb 18, 2024

Conversation

FastLee
Copy link
Contributor

@FastLee FastLee commented Feb 1, 2024
edited
Loading

Changes

Linked issues

relates to #862
closes #913

Resolves #..

Functionality

Added method to detect missing roles and add them to the AWS account.

Screenshare.-.2024-02-17.9_23_51.PM.mp4

Tests

  • manually tested
  • added unit tests
  • added integration tests
  • verified on staging environment (screenshot attached)

@codecov Codecov
Copy link

codecov bot commented Feb 1, 2024
edited
Loading

Codecov Report

Attention: 12 lines in your changes are missing coverage. Please review.

Comparison is base (228dd8f) 87.92% compared to head (2980285) 87.92%.

Files Patch % Lines
src/databricks/labs/ucx/assessment/aws.py 85.88% 5 Missing and 7 partials ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #869      +/-   ##
==========================================
- Coverage   87.92%   87.92%   -0.01%     
==========================================
  Files          43       43              
  Lines        5178     5258      +80     
  Branches      928      943      +15     
==========================================
+ Hits         4553     4623      +70     
- Misses        428      432       +4     
- Partials      197      203       +6

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

nfx
nfx requested changes Feb 1, 2024
View reviewed changes
Copy link
Collaborator

@nfx nfx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please rebase and address comments

src/databricks/labs/ucx/assessment/aws.py Outdated Show resolved Hide resolved
src/databricks/labs/ucx/assessment/aws.py Outdated Show resolved Hide resolved
src/databricks/labs/ucx/assessment/aws.py Outdated Show resolved Hide resolved
src/databricks/labs/ucx/assessment/aws.py Outdated Show resolved Hide resolved
src/databricks/labs/ucx/assessment/aws.py Outdated Show resolved Hide resolved
tests/unit/assessment/test_aws.py Outdated Show resolved Hide resolved
tests/unit/test_cli.py Outdated Show resolved Hide resolved
tests/unit/test_cli.py Outdated Show resolved Hide resolved
tests/unit/test_cli.py Outdated Show resolved Hide resolved
tests/unit/test_cli.py Outdated Show resolved Hide resolved
@FastLee FastLee force-pushed the feature/migrate-storage-credentials-862 branch from 2148442 to e224cbf Compare February 16, 2024 01:56
nfx
nfx reviewed Feb 16, 2024
View reviewed changes
src/databricks/labs/ucx/assessment/aws.py Outdated Show resolved Hide resolved
src/databricks/labs/ucx/assessment/aws.py Outdated Show resolved Hide resolved
nfx
nfx requested changes Feb 17, 2024
View reviewed changes
Copy link
Collaborator

@nfx nfx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use dictionaries and serialize them to JSON, no string replacement

src/databricks/labs/ucx/assessment/aws.py Outdated Show resolved Hide resolved
src/databricks/labs/ucx/assessment/aws.py Outdated Show resolved Hide resolved
@FastLee FastLee marked this pull request as ready for review February 17, 2024 17:59
@FastLee FastLee requested review from a team, zpappa and nfx February 17, 2024 17:59
@FastLee FastLee requested a review from nfx February 17, 2024 19:41
nfx
nfx requested changes Feb 17, 2024
View reviewed changes
src/databricks/labs/ucx/assessment/aws.py Outdated Show resolved Hide resolved
src/databricks/labs/ucx/assessment/aws.py Outdated Show resolved Hide resolved
src/databricks/labs/ucx/assessment/aws.py
aws_cmd = shutil.which("aws")
code, _, error = self._command_runner(f"{aws_cmd} {command} --output json")
if code != 0:
logger.error(error)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't we throw the exception instead for it to bubble up to the top?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure.

@FastLee FastLee requested a review from nfx February 17, 2024 20:30
@FastLee FastLee requested a review from nfx February 17, 2024 23:16
nfx
nfx approved these changes Feb 18, 2024
View reviewed changes
Copy link
Collaborator

@nfx nfx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add a small demo to PR description and ready to merge

@FastLee FastLee enabled auto-merge February 18, 2024 11:45
@nfx nfx merged commit fc48c6f into main Feb 18, 2024
5 of 7 checks passed
@nfx nfx deleted the feature/migrate-storage-credentials-862 branch February 18, 2024 15:18
nfx added a commit that referenced this pull request Feb 21, 2024
@nfx
Release v0.13.1
546199b 
* Added secret detection logic to Azure service principal crawler ([#950](#950)).
* Create storage credentials based on instance profiles and existing roles ([#869](#869)).
* Enforced `protected-access` pylint rule ([#956](#956)).
* Enforced `pylint` on unit and integration test code ([#953](#953)).
* Enforcing `invalid-name` pylint rule ([#957](#957)).
* Fixed AzureResourcePermissions.load to call Installation.load ([#962](#962)).
* Fixed installer script to reuse an existing UCX Cluster policy if present ([#964](#964)).
* More `pylint` tuning ([#958](#958)).
* Refactor `workspace_client_mock` to have combine fixtures stored in separate JSON files ([#955](#955)).

Dependency updates:

 * Updated databricks-sdk requirement from ~=0.19.0 to ~=0.20.0 ([#961](#961)).
@nfx nfx mentioned this pull request Feb 21, 2024
Merged
nfx added a commit that referenced this pull request Feb 21, 2024
@nfx
Release v0.13.1 (#966)
d1fdd9d 
* Added secret detection logic to Azure service principal crawler
([#950](#950)).
* Create storage credentials based on instance profiles and existing
roles ([#869](#869)).
* Enforced `protected-access` pylint rule
([#956](#956)).
* Enforced `pylint` on unit and integration test code
([#953](#953)).
* Enforcing `invalid-name` pylint rule
([#957](#957)).
* Fixed AzureResourcePermissions.load to call Installation.load
([#962](#962)).
* Fixed installer script to reuse an existing UCX Cluster policy if
present ([#964](#964)).
* More `pylint` tuning
([#958](#958)).
* Refactor `workspace_client_mock` to have combine fixtures stored in
separate JSON files
([#955](#955)).

Dependency updates:

* Updated databricks-sdk requirement from ~=0.19.0 to ~=0.20.0
([#961](#961)).
dmoore247 pushed a commit that referenced this pull request Mar 23, 2024
@FastLee @dmoore247
Create storage credentials based on instance profiles and existing ro…
00b39d1 
…les. (#869)
dmoore247 pushed a commit that referenced this pull request Mar 23, 2024
@nfx @dmoore247
Release v0.13.1 (#966)
9977a8d 
* Added secret detection logic to Azure service principal crawler
([#950](#950)).
* Create storage credentials based on instance profiles and existing
roles ([#869](#869)).
* Enforced `protected-access` pylint rule
([#956](#956)).
* Enforced `pylint` on unit and integration test code
([#953](#953)).
* Enforcing `invalid-name` pylint rule
([#957](#957)).
* Fixed AzureResourcePermissions.load to call Installation.load
([#962](#962)).
* Fixed installer script to reuse an existing UCX Cluster policy if
present ([#964](#964)).
* More `pylint` tuning
([#958](#958)).
* Refactor `workspace_client_mock` to have combine fixtures stored in
separate JSON files
([#955](#955)).

Dependency updates:

* Updated databricks-sdk requirement from ~=0.19.0 to ~=0.20.0
([#961](#961)).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nfx nfx nfx approved these changes

@zpappa zpappa Awaiting requested review from zpappa

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[FEATURE]: Create cloud principals [AWS]
2 participants
@FastLee @nfx