steve/databricks-cli
steve
/
databricks-cli
mirror of https://github.com/databricks/cli.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

feat(permissions): add cluster specific permissions

This commit is contained in:
Mike-F-G 2024-10-25 15:25:22 +02:00
parent f018daf413
commit 16e2ceeefa
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
bundle/permissions/mutator.go
View File

@ -43,6 +43,11 @@ var levelsMap = map[string](map[string]string){
CAN_MANAGE: "CAN_MANAGE", CAN_MANAGE: "CAN_MANAGE",
CAN_VIEW: "CAN_READ", CAN_VIEW: "CAN_READ",
}, },
"clusters": {
CAN_MANAGE: "CAN_MANAGE",
CAN_VIEW: "CAN_RESTART",
CAN_RUN: "CAN_ATTACH_TO",
},
} }
type bundlePermissions struct{} type bundlePermissions struct{}
@ -62,6 +67,7 @@ func (m *bundlePermissions) Apply(ctx context.Context, b *bundle.Bundle) diag.Di
applyForMlModels(ctx, b) applyForMlModels(ctx, b)
applyForMlExperiments(ctx, b) applyForMlExperiments(ctx, b)
applyForModelServiceEndpoints(ctx, b) applyForModelServiceEndpoints(ctx, b)
applyForClusters(ctx, b)
return nil return nil
} }
@ -136,6 +142,19 @@ func applyForModelServiceEndpoints(ctx context.Context, b *bundle.Bundle) {
} }
} }
func applyForClusters(ctx context.Context, b *bundle.Bundle) {
for key, cluster := range b.Config.Resources.Clusters {
cluster.Permissions = append(cluster.Permissions, convert(
ctx,
b.Config.Permissions,
cluster.Permissions,
key,
levelsMap["clusters"],
)...)
}
}
func (m *bundlePermissions) Name() string { func (m *bundlePermissions) Name() string {
return "ApplyBundlePermissions" return "ApplyBundlePermissions"
} }