Skip to main content

A DSL for generating rules.json files for Trino

Project description

osc-trino-acl-dsl

A declarative format for configuring Trino access control

To operationalize this code you need Trino adminstrator privileges

examples:

Converting Trino ACL DSL to a rules.json

# install package using pipenv, pip or similar tools
$ pipenv install osc-trino-acl-dsl

# the package command `trino-dsl-to-rules` will load the given yaml or json file
# and write the resulting 'rules.json' file to standard output
# dsl-example-1.yaml is in the 'examples' directory of this repository
$ pipenv run trino-dsl-to-rules dsl-example-1.yaml > rules.json

# rules.json is trino file-based access control rules file
$ head rules.json
{
    "catalogs": [
        {
            "group": "admins",
            "allow": "all"
        },
        {
            "group": ".*",
            "catalog": "dev",
            "allow": "all"

Using pre-commit checks

For more information on pre-commit checks, see here

Here is an example entry for .pre-commit-config.yaml For more info see here

repos:
  - repo: https://github.com/os-climate/osc-trino-acl-dsl
    rev: v0.2.2
    hooks:
      # a pre-commit check to verify that an ACL DSL yaml file is in sync with rules.json file
      - id: trino-acl-dsl-check

building and testing

iterative dev/test for pre-commit checks

  1. check out this repository
  2. make some change to precommit checks you want to test
  3. in a test repository, make an edit you expect your precommit check to operate on, then git add this edit (i.e. stage it for commit) but do NOT commit it, so the precommit check sees it and properly provides staged files to the argument list.
  4. run pre-commit try-repo /path/to/osc-trino-acl-dsl --verbose (see here)
  5. examine the output of your precommit check to see if it did what you want

publish new version to pypi

  • update all occurrences of __version__ (try git grep version)
  • python3 setup.py clean or git clean -fdx
  • python3 setup.py sdist
  • twine check dist/*
  • twine upload dist/*
  • push latest to repo
  • create new release tag on github

upload test or release candidate:

python packaging resources

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

osc-trino-acl-dsl-0.2.2.tar.gz (8.6 kB view details)

Uploaded Source

File details

Details for the file osc-trino-acl-dsl-0.2.2.tar.gz.

File metadata

  • Download URL: osc-trino-acl-dsl-0.2.2.tar.gz
  • Upload date:
  • Size: 8.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.2 importlib_metadata/4.8.1 pkginfo/1.7.1 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.62.3 CPython/3.9.9

File hashes

Hashes for osc-trino-acl-dsl-0.2.2.tar.gz
Algorithm Hash digest
SHA256 7dc4b1910e2e465ceb968fb06258426a9d69d449eb78188eebb09363b71f6a1f
MD5 459ce01041f0ac361dc19dee6847f6ba
BLAKE2b-256 eb3c436149de4ee846b31b3fdd0ca089edbe1df2039233aeb91cccdea700a59c

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page