Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add capability to enable vulnerability assessments for Azure Synapse SQL Pools #13276

Merged
merged 7 commits into from
Sep 16, 2021
Merged

Add capability to enable vulnerability assessments for Azure Synapse SQL Pools #13276

merged 7 commits into from
Sep 16, 2021

Conversation

owenfarrell
Copy link
Contributor

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Summary

This pull request adds support for managing vulnerability assessments for Synapse workspaces and Synapse workspace SQL pools. The implementation and the acceptance tests are largely derived from analogous implementations for SQL servers and SQL databases.

Vulnerability assessments are dependent on the definition of security alert policies, so this pull request includes the definition of those resources as well.

This PR likely conflicts in some common client/registration code with #12952, #13044, and/or #13179.

Output from acceptance testing:

$ make acctests SERVICE='synapse' TESTARGS='-run="^TestAccSynapse(SqlPool|Workspace)(SecurityAlertPolicy|VulnerabilityAssessment)_"' TESTTIMEOUT='120m'
==> Checking that code complies with gofmt requirements...
==> Checking that Custom Timeouts are used...
==> Checking that acceptance test packages are used...
TF_ACC=1 go test -v ./internal/services/synapse -run="^TestAccSynapse(SqlPool|Workspace)(SecurityAlertPolicy|VulnerabilityAssessment)_" -timeout 120m -ldflags="-X=github.com/hashicorp/terraform-provider-azurerm/version.ProviderVersion=acc"
=== RUN   TestAccSynapseSqlPoolSecurityAlertPolicy_basic
=== PAUSE TestAccSynapseSqlPoolSecurityAlertPolicy_basic
=== RUN   TestAccSynapseSqlPoolSecurityAlertPolicy_update
=== PAUSE TestAccSynapseSqlPoolSecurityAlertPolicy_update
=== RUN   TestAccSynapseSqlPoolVulnerabilityAssessment_basic
=== PAUSE TestAccSynapseSqlPoolVulnerabilityAssessment_basic
=== RUN   TestAccSynapseSqlPoolVulnerabilityAssessment_update
=== PAUSE TestAccSynapseSqlPoolVulnerabilityAssessment_update
=== RUN   TestAccSynapseWorkspaceSecurityAlertPolicy_basic
=== PAUSE TestAccSynapseWorkspaceSecurityAlertPolicy_basic
=== RUN   TestAccSynapseWorkspaceSecurityAlertPolicy_update
=== PAUSE TestAccSynapseWorkspaceSecurityAlertPolicy_update
=== RUN   TestAccSynapseWorkspaceVulnerabilityAssessment_basic
=== PAUSE TestAccSynapseWorkspaceVulnerabilityAssessment_basic
=== RUN   TestAccSynapseWorkspaceVulnerabilityAssessment_update
=== PAUSE TestAccSynapseWorkspaceVulnerabilityAssessment_update
=== CONT  TestAccSynapseSqlPoolSecurityAlertPolicy_basic
=== CONT  TestAccSynapseWorkspaceVulnerabilityAssessment_update
=== CONT  TestAccSynapseWorkspaceSecurityAlertPolicy_basic
=== CONT  TestAccSynapseWorkspaceVulnerabilityAssessment_basic
=== CONT  TestAccSynapseWorkspaceSecurityAlertPolicy_update
=== CONT  TestAccSynapseSqlPoolSecurityAlertPolicy_update
=== CONT  TestAccSynapseSqlPoolVulnerabilityAssessment_update
=== CONT  TestAccSynapseSqlPoolVulnerabilityAssessment_basic
--- PASS: TestAccSynapseWorkspaceVulnerabilityAssessment_basic (781.00s)
--- PASS: TestAccSynapseWorkspaceSecurityAlertPolicy_basic (849.34s)
--- PASS: TestAccSynapseWorkspaceVulnerabilityAssessment_update (871.95s)
--- PASS: TestAccSynapseSqlPoolVulnerabilityAssessment_update (898.32s)
--- PASS: TestAccSynapseSqlPoolSecurityAlertPolicy_update (912.97s)
--- PASS: TestAccSynapseWorkspaceSecurityAlertPolicy_update (921.62s)
--- PASS: TestAccSynapseSqlPoolVulnerabilityAssessment_basic (1011.34s)
--- PASS: TestAccSynapseSqlPoolSecurityAlertPolicy_basic (1014.87s)
PASS
ok      github.com/hashicorp/terraform-provider-azurerm/internal/services/synapse       1017.121s

stephybun
stephybun requested changes Sep 15, 2021
View reviewed changes
Copy link
Member

@stephybun stephybun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this PR @owenfarrell. For the most part this looks good, just a few suggestions regarding the property names in the schema. Would also be good if the merge conflict could be resolved 🙂.

internal/services/synapse/synapse_sql_pool_security_alert_policy_resource.go Outdated Show resolved Hide resolved
internal/services/synapse/synapse_sql_pool_vulnerability_assessment_resource.go Outdated Show resolved Hide resolved
internal/services/synapse/synapse_workspace_security_alert_policy_resource.go Outdated Show resolved Hide resolved
internal/services/synapse/synapse_workspace_security_alert_policy_resource.go Outdated Show resolved Hide resolved
internal/services/synapse/synapse_sql_pool_security_alert_policy_resource.go Outdated Show resolved Hide resolved
internal/services/synapse/synapse_workspace_security_alert_policy_resource.go Outdated Show resolved Hide resolved
@owenfarrell owenfarrell force-pushed the synapse-vulnerability-assessment branch from e27235c to 0046903 Compare September 15, 2021 15:44
@owenfarrell owenfarrell force-pushed the synapse-vulnerability-assessment branch from 0046903 to bdd4d1a Compare September 15, 2021 16:38
@owenfarrell
Copy link
Contributor Author

@stephybun - Okay, the schema changes ended up being a bit meatier than I expected. But I think I've got all the code and documentation updates done. I've rerun the acceptance tests and everything still passes. And I've updated all of the error messages to align with the pattern change you requested.

Let me know if there's anything else!

@stephybun
Copy link
Member

Thanks @owenfarrell, LGTM 🚀

@stephybun stephybun added this to the v2.77.0 milestone Sep 16, 2021
@stephybun stephybun merged commit 7d11ede into hashicorp:main Sep 16, 2021
stephybun added a commit that referenced this pull request Sep 16, 2021
@stephybun
Update for #13276
c9d8f65
@github-actions
Copy link

This functionality has been released in v2.77.0 of the Terraform Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@owenfarrell owenfarrell deleted the synapse-vulnerability-assessment branch September 17, 2021 02:32
@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 18, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@stephybun stephybun stephybun approved these changes

Assignees
No one assigned
Labels
documentation new-resource service/synapse size/XL
Projects
None yet
Milestone
v2.77.0
Development

Successfully merging this pull request may close these issues.
2 participants
@owenfarrell @stephybun