Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature] Add support for Databricks Account Console IP Access Lists #3221

Open
wants to merge 15 commits into
base: main
Choose a base branch
from
Open

[Feature] Add support for Databricks Account Console IP Access Lists #3221

wants to merge 15 commits into from
+349 −219

Conversation

nkvuong
Copy link
Contributor

@nkvuong nkvuong commented Feb 6, 2024

Changes

  • Add support for databricks_ip_access_list at account-level
  • Refactor databricks_ip_access_list tests to use Mock

Tests

  • make test run locally
  • relevant change in docs/ folder
  • covered with integration tests in internal/acceptance
  • relevant acceptance tests are passing
  • using Go SDK

@nkvuong nkvuong requested review from a team as code owners February 6, 2024 12:03
@nkvuong nkvuong requested review from tanmay-db and removed request for a team February 6, 2024 12:03
@nkvuong nkvuong changed the title Add support for Databricks Account Console IP Access Lists #2586 Add support for Databricks Account Console IP Access Lists Feb 6, 2024
@codecov-commenter
Copy link

codecov-commenter commented Feb 6, 2024
edited
Loading

Codecov Report

Attention: 10 lines in your changes are missing coverage. Please review.

Comparison is base (662a0bd) 83.60% compared to head (bed1350) 83.61%.

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #3221      +/-   ##
==========================================
+ Coverage   83.60%   83.61%   +0.01%     
==========================================
  Files         169      169              
  Lines       15094    15132      +38     
==========================================
+ Hits        12619    12653      +34     
- Misses       1735     1739       +4     
  Partials      740      740
Files Coverage Δ
access/resource_ip_access_list.go 87.50% <84.12%> (+6.54%) ⬆️

... and 1 file with indirect coverage changes

@alexott alexott mentioned this pull request Feb 20, 2024
Closed
@alexott
Copy link
Contributor

alexott commented Nov 13, 2024

@nkvuong will we avoid the problem with the new "skip read after write" functionality?

@nkvuong nkvuong changed the title Add support for Databricks Account Console IP Access Lists [Feature] Add support for Databricks Account Console IP Access Lists Nov 13, 2024
@nkvuong
Copy link
Contributor Author

nkvuong commented Nov 13, 2024

@alexott let me test this out

alexott
alexott reviewed Nov 14, 2024
View reviewed changes
access/resource_ip_access_list.go Outdated
Comment on lines 52 to 63
retry.RetryContext(ctx, 10*time.Minute, func() *retry.RetryError {
_, err := acc.IpAccessLists.GetByIpAccessListId(ctx, ipAclId)
var apiErr *apierr.APIError
if !errors.As(err, &apiErr) {
return retry.NonRetryableError(err)
}
if apiErr.StatusCode == 404 {
return retry.RetryableError(err)
} else {
return retry.NonRetryableError(err)
}
})
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we remove this workaround?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

so the issue, we can only enable the Account-level IP ACL after it has been created, so we still need to wait until it has been created. Otherwise the call to enable the ACL will fail

access/resource_ip_access_list.go
return err
}
}
d.SetId(ipAclId)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that we need to add StructToData on the result of the acc.IpAccessLists.Create here (and same for workspace-level create)

access/resource_ip_access_list.go Outdated
@@ -30,48 +33,86 @@ func ResourceIPAccessList() common.Resource {
})
return common.Resource{
Schema: s,
CanSkipReadAfterCreateAndUpdate: func(d *schema.ResourceData) bool {
//only skip read after create
return d.IsNewResource()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But if we'll have Read after Update, then we may get inconsistent state - API docs explicitly say that it may take a few minutes to propagate.

@nkvuong nkvuong requested a review from alexott November 15, 2024 11:52
@github-actions GitHub Actions
Copy link

If integration tests don't run automatically, an authorized user can run them manually by following the instructions below:

Trigger:
go/deco-tests-run/terraform

Inputs:

  • PR number: 3221
  • Commit SHA: 89a0ddf51ca1979c0325ab99f3b149d33f80b943

Checks will be approved automatically on success.

@eng-dev-ecosystem-bot
Copy link
Collaborator

Test Details: go/deco-tests/11866584699

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tanmay-db tanmay-db Awaiting requested review from tanmay-db tanmay-db is a code owner automatically assigned from databricks/eng-plat-auto-exp-reviewers

@alexott alexott Awaiting requested review from alexott

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@nkvuong @codecov-commenter @alexott @eng-dev-ecosystem-bot