Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(admin): Extend /run_clickhouse_system_query to support custom SQL queries #2296

Merged
merged 14 commits into from
Dec 17, 2021
Merged

feat(admin): Extend /run_clickhouse_system_query to support custom SQL queries #2296

merged 14 commits into from
Dec 17, 2021

Conversation

lynnagara
Copy link
Member

You can now post custom SQL to /run_clickhouse_system_query in addition to requesting
one of the predefined ones. This change includes some rudimentary validation to
ensure that no attempt is made to insert, select or join on non system tables.
Eventually this should be replaced by more robust parsing of the query into an AST.

Depends on the API fixes included in #2294

onewland and others added 11 commits December 15, 2021 12:43
@onewland
v1 of wiring in queries and rendering results
62be7a2
@onewland
make table widths more dynamic
b0340a5
@onewland
use Lyn Table class rather than bad home-rolled version
af8caf8
@onewland
fully switch over to Lyn table class
2c04421
@onewland
make null check more canonical TS
b3298b7
@onewland
update bundle
33681af
@onewland
Merge branch 'master' into wire-in-queries-admin-tool
38ec2db
@onewland
fix typing from evan PR
de4c63e
@onewland
style cleanups
34411b3
@onewland
type hint cleanups
a491114
@lynnagara
feat(admin): Extend /run_clickhouse_system_query API to support custo…
e7987ab 
…m SQL queries

You can now post custom SQL to /run_clickhouse_system_query in addition to requesting
one of the predefined queries. This change includes some rudimentary validation to
ensure that no attempt is made to insert, select or join on non system tables.
Eventually this should be replaced by more robust parsing of the query into an AST.

Depends on the API fixes included in #2294
@lynnagara lynnagara requested a review from a team as a code owner December 16, 2021 23:27
@codecov-commenter
Copy link

codecov-commenter commented Dec 16, 2021
edited
Loading

Codecov Report

Merging #2296 (3cb17de) into master (080a49b) will decrease coverage by 0.09%.
The diff coverage is 39.72%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #2296      +/-   ##
==========================================
- Coverage   92.93%   92.83%   -0.10%     
==========================================
  Files         556      557       +1     
  Lines       25494    25551      +57     
==========================================
+ Hits        23692    23720      +28     
- Misses       1802     1831      +29
Impacted Files Coverage Δ
snuba/admin/views.py 46.00% <0.00%> (-14.53%) ⬇️
snuba/admin/clickhouse/system_queries.py 68.81% <68.96%> (+3.59%) ⬆️
tests/admin/test_system_queries.py 100.00% <100.00%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 080a49b...3cb17de. Read the comment docs.

fpacifici
fpacifici approved these changes Dec 17, 2021
View reviewed changes
snuba/admin/clickhouse/system_queries.py Outdated
Comment on lines 176 to 181
# An incomplete list
VALID_SYSTEM_TABLES = [
"clusters",
"merges",
"parts",
]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can allow all of them. There is nothing dangerous there.
But if you plan to keep it. Please add:

replication_queue
settings
metrics
columns

snuba/admin/clickhouse/system_queries.py Outdated
Comment on lines 212 to 228
for kw in disallowed_keywords:
if kw in select_statement.lower():
raise InvalidCustomQuery(f"{kw} is not allowed here")

system_table_name = match.group("system_table_name")

if system_table_name not in VALID_SYSTEM_TABLES:
raise InvalidCustomQuery("Invalid table")

extra = match.group("extra")

# Unfortunately "extra" is pretty permissive right now, just ensure
# there is no attempt to do a select, insert or join in there
if extra is not None:
for kw in disallowed_keywords:
if kw in extra.lower():
raise InvalidCustomQuery(f"{kw} is not allowed here")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's have a proper AST here asap.

Base automatically changed from wire-in-queries-admin-tool to master December 17, 2021 18:16
@lynnagara lynnagara enabled auto-merge (squash) December 17, 2021 19:14
@lynnagara lynnagara merged commit 0ae26a5 into master Dec 17, 2021
@lynnagara lynnagara deleted the system-queries branch December 17, 2021 19:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fpacifici fpacifici fpacifici approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@lynnagara @codecov-commenter @fpacifici @onewland