Skip to main content

A DSL for generating rules.json files for Trino

Project description

osc-trino-acl-dsl

A declarative format for configuring Trino access control

To operationalize this code you need Trino adminstrator privileges

examples:

Converting Trino ACL DSL to a rules.json

# install package using pipenv, pip or similar tools
$ pipenv install osc-trino-acl-dsl

# the package command `trino-dsl-to-rules` will load the given yaml or json file
# and write the resulting 'rules.json' file to standard output
# dsl-example-1.yaml is in the 'examples' directory of this repository
$ pipenv run trino-dsl-to-rules dsl-example-1.yaml > rules.json

# rules.json is trino file-based access control rules file
$ head rules.json
{
    "catalogs": [
        {
            "group": "admins",
            "allow": "all"
        },
        {
            "group": ".*",
            "catalog": "dev",
            "allow": "all"

Using pre-commit checks

For more information on pre-commit checks, see here

Here is an example entry for .pre-commit-config.yaml

repos:
  - repo: https://github.com/os-climate/osc-trino-acl-dsl
    rev: v0.2.0
    hooks:
      # a pre-commit check to verify that an ACL DSL yaml file is in sync with rules.json file
      - id: trino-acl-dsl-check
        # by default, check pattern matches files named 'trino-acl-dsl.yaml'
        # args: [ '--check-pattern=^my-file-regex\.yaml$' ]

building and testing

iterative dev/test for pre-commit checks

  1. check out this repository
  2. make some change to precommit checks you want to test
  3. in a test repository, make an edit you expect your precommit check to operate on, then git add this edit (i.e. stage it for commit) but do NOT commit it, so the precommit check sees it and properly provides staged files to the argument list.
  4. run pre-commit try-repo /path/to/osc-trino-acl-dsl --verbose (see here)
  5. examine the output of your precommit check to see if it did what you want

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

osc-trino-acl-dsl-0.2.0.tar.gz (8.2 kB view details)

Uploaded Source

File details

Details for the file osc-trino-acl-dsl-0.2.0.tar.gz.

File metadata

  • Download URL: osc-trino-acl-dsl-0.2.0.tar.gz
  • Upload date:
  • Size: 8.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.2 importlib_metadata/4.8.1 pkginfo/1.7.1 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.62.3 CPython/3.9.9

File hashes

Hashes for osc-trino-acl-dsl-0.2.0.tar.gz
Algorithm Hash digest
SHA256 3c956799322bb5b4acd6d57c204bd47124dccc16362873a290ab15a686c6c7cc
MD5 810dbc656cfbe060e6740414b1e4664c
BLAKE2b-256 e01e0558b5c0426b00921266db11d709463330db47f947518ec7a8cf449824e2

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page