steve/databricks-cli
steve
/
databricks-cli
mirror of https://github.com/databricks/cli.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fixes

This commit is contained in:
Andrew Nester 2024-10-10 15:21:50 +02:00
parent 11afdfbea3
commit 8ccec0a86f
No known key found for this signature in database
GPG Key ID: 12BC628A44B7DA57
1 changed files with 1 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
bundle/permissions/workspace_root.go
View File

@ -88,9 +88,6 @@ func getWorkspaceObjectPermissionLevel(bundlePermission string) (workspace.Works
// checkWorkspaceRootPermissions checks that if permissions are set for the workspace root, and workspace root starts with /Workspace/Shared, then permissions should be set for group: users // checkWorkspaceRootPermissions checks that if permissions are set for the workspace root, and workspace root starts with /Workspace/Shared, then permissions should be set for group: users
func checkWorkspaceRootPermissions(b *bundle.Bundle) diag.Diagnostics { func checkWorkspaceRootPermissions(b *bundle.Bundle) diag.Diagnostics {
var diags diag.Diagnostics var diags diag.Diagnostics
if len(b.Config.Permissions) == 0 {
return nil
}
if !strings.HasPrefix(b.Config.Workspace.RootPath, "/Workspace/Shared/") { if !strings.HasPrefix(b.Config.Workspace.RootPath, "/Workspace/Shared/") {
return nil return nil
@ -106,7 +103,7 @@ func checkWorkspaceRootPermissions(b *bundle.Bundle) diag.Diagnostics {
if !allUsers { if !allUsers {
diags = diags.Append(diag.Diagnostic{ diags = diags.Append(diag.Diagnostic{
Severity: diag.Warning, Severity: diag.Warning,
Summary: "workspace_root_permissions", Summary: fmt.Sprintf("the bundle root path %s is writable by all workspace users", b.Config.Workspace.RootPath),
Detail: "bundle is configured to /Workspace/Shared, which will give read/write access to all users. If all users should have access, add CAN_MANAGE for 'group_name: users' permission to your bundle configuration. If the deployment should be restricted, move it to a restricted folder such as /Users/<username or principal name>", Detail: "bundle is configured to /Workspace/Shared, which will give read/write access to all users. If all users should have access, add CAN_MANAGE for 'group_name: users' permission to your bundle configuration. If the deployment should be restricted, move it to a restricted folder such as /Users/<username or principal name>",
}) })
} }