feat(plugin-iceberg): Add DDL statements to drop branches and tags

[agrawalreetika]

Description

Add DDL statements to drop branches and tags

Motivation and Context

Resolves #22028

Impact

Resolves #22028

SQL support for dropping a branch from a table :

ALTER TABLE users DROP BRANCH 'branch1';

SQL support for dropping a tag from a table :

ALTER TABLE users DROP TAG 'tag1';

Test Plan

Contributor checklist

• Please make sure your submission complies with our development, formatting, commit message, and attribution guidelines.
• PR description addresses the issue accurately and concisely. If the change is non-trivial, a GitHub Issue is referenced.
• Documented new properties (with its default value), SQL syntax, functions, or other functionality.
• If release notes are required, they follow the release notes guidelines.
• Adequate tests were added if applicable.
• CI passed.

Release Notes

Please follow release notes guidelines and fill in the release notes below.

== RELEASE NOTES ==

General Changes
* Add DDL support for dropping a branch from a table. 
* Add DDL support for dropping a tag from a table.

Iceberg Connector Changes
* Add support for dropping a branch from an Iceberg table.
* Add support for dropping a tag from an Iceberg table.

[github-actions]

Codenotify: Notifying subscribers in CODENOTIFY files for diff 367b7d7...84553ba.

Notify	File(s)
@aditi-pandit	presto-parser/src/main/antlr4/com/facebook/presto/sql/parser/SqlBase.g4
@elharo	presto-parser/src/main/antlr4/com/facebook/presto/sql/parser/SqlBase.g4
@kaikalur	presto-parser/src/main/antlr4/com/facebook/presto/sql/parser/SqlBase.g4
@rschlussel	presto-parser/src/main/antlr4/com/facebook/presto/sql/parser/SqlBase.g4

[steveburnett]

LGTM! (docs)

Pull branch, local docs build, looks good. Thanks!

[ZacBlanco]

Some high level feedback. Most of the code looks good. I will take a closer look on 2nd pass.

Also, I wanted to bring a thought I had about parser extensions. Since many connectors will not support this branching and tagging, I was thinking that maybe we ought to consider designing a SQL syntax plugin extension interface. Spark allows custom syntax extensions through implementing some set of interfaces or bringing your own parser. The upstream iceberg project now maintains their own spark SQL syntax extensions.

I'm not proposing we need that for this PR, but maybe it's something we should start thinking about if connectors start adding more radically different features that would be best left to some syntax extensions/optional plugins, especially for things outside the SQL specification.

[ZacBlanco]

I wonder about the granularity of these methods. In other implementation (e.g. spark?) at what granularity do they enforce the ability to do CRUD operations on tags and branches?

I'm thinking about a few cases

1. A group or user(s) can only access a certain set of branches or tags
2. A group or user(s) can only create branches starting from a specific branch
3. A group or user(s) can create tags

I know we're only implementing DROP but I want to understand the whole story for access control around branches and tags. Would we ever need to pass the branch/tag to these methods?

[agrawalreetika]

I think the granularity of access control methods in Spark for CRUD operations on Iceberg tags and branches is limited by Spark's integration with external systems (such as file systems, catalogs, and security frameworks like Apache Ranger).
For example, Ranger policies can define access controls at the table level, which could be extended to manage specific branches or tag-based access.
And like for cloud-based catalogs like AWS Glue, you can control access to Iceberg metadata (branches and tags) via IAM policies that grant or restrict specific operations.

[ZacBlanco]

Thanks for the info. Would the parameters passed here as context have enough information for us to act at a similar granularity? I don't see anything in the method parameters that contains the branch name which I assume we would need to perform access control at a similar level.

[agrawalreetika]

I would like to discuss around this, Systems like Ranger can define access controls at the table level, column level. So in this case I think access of drop branch & tags could be table based. As per I can think of branch & tag level policies then has to be maintained on engine side if we introduce branch name / tag name in here?

[agrawalreetika]

@tdcmeehan What do you think about access control for branches and tags? Would be based on the parent table itself or based on the tags/branches?
My thinking was that since no policies are enforced based on branch/tags via security frameworks, should this honor the same access policies as table? Or if we don't even need access control exposed for dropTag & dropBranch?

[agrawalreetika]

@ZacBlanco Can you please take another pass?

[hantangwangd]

The whole change overall looks good to me. Some little nits, and one problem for discussing about the behavior of if exists on branch and tag.

[agrawalreetika]

@hantangwangd Thanks for you review. I have addressed your comments, please review.

[hantangwangd]

Thanks for the fix. LGTM!

[agrawalreetika]

Hi @tdcmeehan, This is now waiting for the final committer review. Please review whenever you have time.

[pratyakshsharma]

Thank you for the PR, minor comments, and rest looks good.

[pratyakshsharma]

should we throw an error in cases when if exists is present in the query and it is a materialized view? If drop branch is just not supported for MVs, ideally error should be thrown irrespective of exists check?

[pratyakshsharma]

Alternate way of handling this can be introducing an enum Type in DropBranch and have only TABLE as the supported type.

[pratyakshsharma]

nit: the variable connectorId is not getting used and can be removed. Also I have refactored and extracted this piece of code in MetadataUtil class in this commit - dec2952.
So we can probably do a similar change here as well so that all the Task classes use the same methods?i

[pratyakshsharma]

nit: same as above.

[pratyakshsharma]

nit: same as above. What about the case when if exists is present and it is MV?

[steveburnett]

Thanks for the release note! Nit on phrasing to follow the Order of changes in the Release Notes Guidelines.

== RELEASE NOTES ==

General Changes
* Add DDL support for dropping a branch from a table. 
* Add DDL support for dropping a tag from a table.

Iceberg Connector Changes
* Add support for dropping a branch from an Iceberg table.
* Add support for dropping a branch from an Iceberg table.

[hantangwangd]

Thanks @agrawalreetika, LGTM for this change. +1 to @ZacBlanco's point about the extension mechanism for connector-specific SQL syntax - maybe we should start looking into this.

[tdcmeehan]

I'm comfortable with the idea of this change. While we should be cautious around the standard eventually adopting this type of syntax, the pace at which is the standard moves is far slower than even the Iceberg spec moves. It is too slow for us to block progress on this PR.

I agree with the idea of customizing the parser and planning in general though, along the same lines as Spark. However, given we have already broken standards compliance with time travel (on SYSTEM_VERSION), I'm comfortable pushing ahead with this.

[hantangwangd]

@agrawalreetika thanks for this feature, lgtm! Just a heads-up: the two entries under Iceberg Connector Changes appear to be duplicates.