Skip to content

Commit 302dc88

Browse files
sfc-gh-jcieslaksfc-gh-jcieslak
authored
chore: Sweepers and Test workflow changes (#3881)
## Changes - Adjust sweepers to include user sweeping (to avoid policy related issues) - Change test workflow's test object suffix so that it's unique even if test are re-run - This is important in the context of failed cleanup, on test workflow re-run we may encounter "object already exists" errors. By having unique object prefix this could be avoided (and because we have stale object sweepers, leftovers will be cleaned up anyway)
1 parent 64d3a07 commit 302dc88

File tree

2 files changed

+64
-48
lines changed

2 files changed

+64
-48
lines changed

pkg/sdk/sweepers.go

Lines changed: 0 additions & 38 deletions
Original file line numberDiff line numberDiff line change
@@ -8,44 +8,6 @@ import (
88
"strings"
99
)
1010

11-
func SweepAfterIntegrationTests(client *Client, suffix string) error {
12-
return sweep(client, suffix)
13-
}
14-
15-
func SweepAfterAcceptanceTests(client *Client, suffix string) error {
16-
return sweep(client, suffix)
17-
}
18-
19-
// TODO [SNOW-867247]: move this to test code
20-
// TODO [SNOW-867247]: use if exists/use method from helper for dropping
21-
// TODO [SNOW-867247]: sweep all missing account-level objects (like users, integrations, replication groups, network policies, ...)
22-
// TODO [SNOW-867247]: extract sweepers to a separate dir
23-
// TODO [SNOW-867247]: rework the sweepers (funcs -> objects)
24-
// TODO [SNOW-867247]: consider generalization (almost all the sweepers follow the same pattern: show, drop if matches)
25-
// TODO [SNOW-867247]: consider failing after all sweepers and not with the first error
26-
// TODO [SNOW-867247]: consider showing only objects with the given suffix (in almost every sweeper)
27-
func sweep(client *Client, suffix string) error {
28-
if suffix == "" {
29-
return fmt.Errorf("suffix is required to run sweepers")
30-
}
31-
sweepers := []func() error{
32-
getAccountPolicyAttachmentsSweeper(client),
33-
getResourceMonitorSweeper(client, suffix),
34-
getNetworkPolicySweeper(client, suffix),
35-
getFailoverGroupSweeper(client, suffix),
36-
getShareSweeper(client, suffix),
37-
getDatabaseSweeper(client, suffix),
38-
getWarehouseSweeper(client, suffix),
39-
getRoleSweeper(client, suffix),
40-
}
41-
for _, sweeper := range sweepers {
42-
if err := sweeper(); err != nil {
43-
return err
44-
}
45-
}
46-
return nil
47-
}
48-
4911
func getAccountPolicyAttachmentsSweeper(client *Client) func() error {
5012
return func() error {
5113
log.Printf("[DEBUG] Unsetting password and session policies set on the account level")

pkg/sdk/sweepers_test.go

Lines changed: 64 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ import (
66
"fmt"
77
"log"
88
"slices"
9+
"strings"
910
"testing"
1011
"time"
1112

@@ -39,6 +40,44 @@ func TestSweepAll(t *testing.T) {
3940
})
4041
}
4142

43+
func SweepAfterIntegrationTests(client *Client, suffix string) error {
44+
return sweep(client, suffix)
45+
}
46+
47+
func SweepAfterAcceptanceTests(client *Client, suffix string) error {
48+
return sweep(client, suffix)
49+
}
50+
51+
// TODO [SNOW-867247]: use if exists/use method from helper for dropping
52+
// TODO [SNOW-867247]: sweep all missing account-level objects (like users, integrations, replication groups, network policies, ...)
53+
// TODO [SNOW-867247]: extract sweepers to a separate dir
54+
// TODO [SNOW-867247]: rework the sweepers (funcs -> objects)
55+
// TODO [SNOW-867247]: consider generalization (almost all the sweepers follow the same pattern: show, drop if matches)
56+
// TODO [SNOW-867247]: consider failing after all sweepers and not with the first error
57+
// TODO [SNOW-867247]: consider showing only objects with the given suffix (in almost every sweeper)
58+
func sweep(client *Client, suffix string) error {
59+
if suffix == "" {
60+
return fmt.Errorf("suffix is required to run sweepers")
61+
}
62+
sweepers := []func() error{
63+
getAccountPolicyAttachmentsSweeper(client),
64+
getResourceMonitorSweeper(client, suffix),
65+
getNetworkPolicySweeper(client, suffix),
66+
nukeUsers(client, suffix),
67+
getFailoverGroupSweeper(client, suffix),
68+
getShareSweeper(client, suffix),
69+
getDatabaseSweeper(client, suffix),
70+
getWarehouseSweeper(client, suffix),
71+
getRoleSweeper(client, suffix),
72+
}
73+
for _, sweeper := range sweepers {
74+
if err := sweeper(); err != nil {
75+
return err
76+
}
77+
}
78+
return nil
79+
}
80+
4281
func Test_Sweeper_NukeStaleObjects(t *testing.T) {
4382
_ = testenvs.GetOrSkipTest(t, testenvs.EnableSweep)
4483

@@ -81,7 +120,7 @@ func Test_Sweeper_NukeStaleObjects(t *testing.T) {
81120

82121
t.Run("sweep users", func(t *testing.T) {
83122
for _, c := range allClients {
84-
err := nukeUsers(c)()
123+
err := nukeUsers(c, "")()
85124
assert.NoError(t, err)
86125
}
87126
})
@@ -223,7 +262,7 @@ func nukeDatabases(client *Client, prefix string) func() error {
223262
}
224263
}
225264

226-
func nukeUsers(client *Client) func() error {
265+
func nukeUsers(client *Client, suffix string) func() error {
227266
protectedUsers := []string{
228267
"SNOWFLAKE",
229268
"ARTUR_SAWICKI",
@@ -239,27 +278,42 @@ func nukeUsers(client *Client) func() error {
239278
}
240279

241280
return func() error {
242-
log.Println("[DEBUG] Nuking users")
243281
ctx := context.Background()
244282

245-
users, err := client.Users.Show(ctx, &ShowUserOptions{})
283+
var userDropCondition func(u User) bool
284+
if suffix != "" {
285+
log.Printf("[DEBUG] Sweeping users with suffix %s", suffix)
286+
userDropCondition = func(u User) bool {
287+
return strings.HasSuffix(u.Name, suffix)
288+
}
289+
} else {
290+
log.Println("[DEBUG] Sweeping stale users")
291+
userDropCondition = func(u User) bool {
292+
return u.CreatedOn.Before(time.Now().Add(-15 * time.Minute))
293+
}
294+
}
295+
296+
urs, err := client.Users.Show(ctx, new(ShowUserOptions))
246297
if err != nil {
247-
return fmt.Errorf("sweeping users ended with error, err = %w", err)
298+
return fmt.Errorf("SHOW USERS ended with error, err = %w", err)
248299
}
300+
301+
log.Printf("[DEBUG] Found %d users", len(urs))
302+
249303
var errs []error
250-
log.Printf("[DEBUG] Found %d users", len(users))
251-
for idx, user := range users {
252-
log.Printf("[DEBUG] Processing user [%d/%d]: %s...", idx+1, len(users), user.ID().FullyQualifiedName())
253-
if !slices.Contains(protectedUsers, user.Name) && user.CreatedOn.Before(time.Now().Add(-15*time.Minute)) {
304+
for idx, user := range urs {
305+
log.Printf("[DEBUG] Processing user [%d/%d]: %s...", idx+1, len(urs), user.ID().FullyQualifiedName())
306+
307+
if !slices.Contains(protectedUsers, user.Name) && userDropCondition(user) {
254308
log.Printf("[DEBUG] Dropping user %s", user.ID().FullyQualifiedName())
255309
if err := client.Users.Drop(ctx, user.ID(), &DropUserOptions{IfExists: Bool(true)}); err != nil {
256-
log.Printf("[DEBUG] Dropping user %s, resulted in error %v", user.ID().FullyQualifiedName(), err)
257310
errs = append(errs, fmt.Errorf("sweeping user %s ended with error, err = %w", user.ID().FullyQualifiedName(), err))
258311
}
259312
} else {
260313
log.Printf("[DEBUG] Skipping user %s", user.ID().FullyQualifiedName())
261314
}
262315
}
316+
263317
return errors.Join(errs...)
264318
}
265319
}

0 commit comments

Comments
 (0)