Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🔒 Raise error if migration is done by wrong user #813

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

🔒 Raise error if migration is done by wrong user #813

wants to merge 1 commit into from

Conversation

fredericenard
Copy link
Contributor

No description provided.

@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 4, 2024

🚀 Deployed on https://66afacc643ec4dc2edf6f5a8--lamindb-setup-htry.netlify.app

@github-actions github-actions bot temporarily deployed to pull request August 4, 2024 16:31 Inactive
@falexwolf falexwolf changed the title 🐛 Ensure migration deployment can only be perfomed by the write db user registered in the hub 🔒 Raise error if migration is done by wrong user Aug 5, 2024
@falexwolf
Copy link
Member

This goes in a good direction, but I don't think we should merge anything until we triple checked that we have a final naming scheme.

Also, we already have this check running before migration deployment. It's only based on the permission table but of course these things should be in sync. Let's see whether some of the logic that this is in sync is client side or not. As usual, we won't be able to change it if it's client-side.

lamindb-setup/lamindb_setup/_migrate.py

Lines 84 to 93 in 93a9fbf

collaborator = call_with_fallback_auth(
select_collaborator,
instance_id=settings.instance._id,
account_id=settings.user._uuid,
)
if collaborator is None or collaborator["role"] != "admin":
raise SystemExit(
"❌ Only admins can deploy migrations, please ensure that you're an"
f" admin: https://lamin.ai/{settings.instance.slug}/settings"
)

@fredericenard
Copy link
Contributor Author

fredericenard commented Aug 6, 2024
edited
Loading

I don't think we should merge anything until we triple checked that we have a final naming scheme.

Yes I agree,

Also, we already have this check running before migration deployment. It's only based on the permission table but of course these things should be in sync.

There is no way to be 100% the right connection string will be used

Maybe a better approach is having a external process ensuring all tables are owned by the root user 🤔

I see several ways to do that, one pretty simple would be to use a postgres trigger, but we would still have the problem with logic living client side.

Another way is to have a cron performing regular checks for this. This could be part of a bigger piece of logic including health checks for the instance and storage diagnostic (to verify policy is properly attached).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@falexwolf falexwolf Awaiting requested review from falexwolf

@sunnyosun sunnyosun Awaiting requested review from sunnyosun

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fredericenard @falexwolf