diff --git a/.codegen/_openapi_sha b/.codegen/_openapi_sha index ecf041814..5f4b50860 100644 --- a/.codegen/_openapi_sha +++ b/.codegen/_openapi_sha @@ -1 +1 @@ -25b2478e5a18c888f0d423249abde5499dc58424 \ No newline at end of file +d25296d2f4aa7bd6195c816fdf82e0f960f775da \ No newline at end of file diff --git a/.gitattributes b/.gitattributes index e294157b7..0992c41d5 100644 --- a/.gitattributes +++ b/.gitattributes @@ -89,6 +89,8 @@ experimental/mocks/service/serving/mock_serving_endpoints_data_plane_interface.g experimental/mocks/service/serving/mock_serving_endpoints_interface.go linguist-generated=true experimental/mocks/service/settings/mock_account_ip_access_lists_interface.go linguist-generated=true experimental/mocks/service/settings/mock_account_settings_interface.go linguist-generated=true +experimental/mocks/service/settings/mock_aibi_dashboard_embedding_access_policy_interface.go linguist-generated=true +experimental/mocks/service/settings/mock_aibi_dashboard_embedding_approved_domains_interface.go linguist-generated=true experimental/mocks/service/settings/mock_automatic_cluster_update_interface.go linguist-generated=true experimental/mocks/service/settings/mock_compliance_security_profile_interface.go linguist-generated=true experimental/mocks/service/settings/mock_credentials_manager_interface.go linguist-generated=true diff --git a/CHANGELOG.md b/CHANGELOG.md index 0556f3cbf..dc044c8fb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,30 @@ # Version changelog +## [Release] Release v0.51.0 + +### Internal Changes + + * Always write message for manual test execution ([#1079](https://github.com/databricks/databricks-sdk-go/pull/1079)). + * Use error names instead of codes in `errors.go` ([#1080](https://github.com/databricks/databricks-sdk-go/pull/1080)). + + +### API Changes: + + * Added [w.Credentials](https://pkg.go.dev/github.com/databricks/databricks-sdk-go/service/catalog#CredentialsAPI) workspace-level service. + * Added `AzureAad` field for [catalog.GenerateTemporaryTableCredentialResponse](https://pkg.go.dev/github.com/databricks/databricks-sdk-go/service/catalog#GenerateTemporaryTableCredentialResponse). + * Added `OmitUsername` field for [catalog.ListTablesRequest](https://pkg.go.dev/github.com/databricks/databricks-sdk-go/service/catalog#ListTablesRequest). + * Added `FullName` field for [catalog.StorageCredentialInfo](https://pkg.go.dev/github.com/databricks/databricks-sdk-go/service/catalog#StorageCredentialInfo). + * Added `WarehouseId` field for [dashboards.Schedule](https://pkg.go.dev/github.com/databricks/databricks-sdk-go/service/dashboards#Schedule). + * Added `Only` field for [jobs.RunNow](https://pkg.go.dev/github.com/databricks/databricks-sdk-go/service/jobs#RunNow). + * Added `RestartWindow` field for [pipelines.CreatePipeline](https://pkg.go.dev/github.com/databricks/databricks-sdk-go/service/pipelines#CreatePipeline). + * Added `RestartWindow` field for [pipelines.EditPipeline](https://pkg.go.dev/github.com/databricks/databricks-sdk-go/service/pipelines#EditPipeline). + * Added `ConnectionName` field for [pipelines.IngestionGatewayPipelineDefinition](https://pkg.go.dev/github.com/databricks/databricks-sdk-go/service/pipelines#IngestionGatewayPipelineDefinition). + * Added `RestartWindow` field for [pipelines.PipelineSpec](https://pkg.go.dev/github.com/databricks/databricks-sdk-go/service/pipelines#PipelineSpec). + * Added `PrivateAccessSettingsId` field for [provisioning.UpdateWorkspaceRequest](https://pkg.go.dev/github.com/databricks/databricks-sdk-go/service/provisioning#UpdateWorkspaceRequest). + * Removed [w.CleanRooms](https://pkg.go.dev/github.com/databricks/databricks-sdk-go/service/sharing#CleanRoomsAPI) workspace-level service. + +OpenAPI SHA: d25296d2f4aa7bd6195c816fdf82e0f960f775da, Date: 2024-11-07 + ## [Release] Release v0.50.0 ### Internal Changes diff --git a/experimental/mocks/mock_workspace_client.go b/experimental/mocks/mock_workspace_client.go index a37a66426..57719e7ef 100755 --- a/experimental/mocks/mock_workspace_client.go +++ b/experimental/mocks/mock_workspace_client.go @@ -46,7 +46,6 @@ func NewMockWorkspaceClient(t interface { Apps: apps.NewMockAppsInterface(t), ArtifactAllowlists: catalog.NewMockArtifactAllowlistsInterface(t), Catalogs: catalog.NewMockCatalogsInterface(t), - CleanRooms: sharing.NewMockCleanRoomsInterface(t), ClusterPolicies: compute.NewMockClusterPoliciesInterface(t), Clusters: compute.NewMockClustersInterface(t), CommandExecution: compute.NewMockCommandExecutionInterface(t), @@ -56,6 +55,7 @@ func NewMockWorkspaceClient(t interface { ConsumerListings: marketplace.NewMockConsumerListingsInterface(t), ConsumerPersonalizationRequests: marketplace.NewMockConsumerPersonalizationRequestsInterface(t), ConsumerProviders: marketplace.NewMockConsumerProvidersInterface(t), + Credentials: catalog.NewMockCredentialsInterface(t), CredentialsManager: settings.NewMockCredentialsManagerInterface(t), CurrentUser: iam.NewMockCurrentUserInterface(t), DashboardWidgets: sql.NewMockDashboardWidgetsInterface(t), @@ -286,14 +286,6 @@ func (m *MockWorkspaceClient) GetMockCatalogsAPI() *catalog.MockCatalogsInterfac return api } -func (m *MockWorkspaceClient) GetMockCleanRoomsAPI() *sharing.MockCleanRoomsInterface { - api, ok := m.WorkspaceClient.CleanRooms.(*sharing.MockCleanRoomsInterface) - if !ok { - panic(fmt.Sprintf("expected CleanRooms to be *sharing.MockCleanRoomsInterface, actual was %T", m.WorkspaceClient.CleanRooms)) - } - return api -} - func (m *MockWorkspaceClient) GetMockClusterPoliciesAPI() *compute.MockClusterPoliciesInterface { api, ok := m.WorkspaceClient.ClusterPolicies.(*compute.MockClusterPoliciesInterface) if !ok { @@ -366,6 +358,14 @@ func (m *MockWorkspaceClient) GetMockConsumerProvidersAPI() *marketplace.MockCon return api } +func (m *MockWorkspaceClient) GetMockCredentialsAPI() *catalog.MockCredentialsInterface { + api, ok := m.WorkspaceClient.Credentials.(*catalog.MockCredentialsInterface) + if !ok { + panic(fmt.Sprintf("expected Credentials to be *catalog.MockCredentialsInterface, actual was %T", m.WorkspaceClient.Credentials)) + } + return api +} + func (m *MockWorkspaceClient) GetMockCredentialsManagerAPI() *settings.MockCredentialsManagerInterface { api, ok := m.WorkspaceClient.CredentialsManager.(*settings.MockCredentialsManagerInterface) if !ok { diff --git a/experimental/mocks/service/catalog/mock_credentials_interface.go b/experimental/mocks/service/catalog/mock_credentials_interface.go new file mode 100644 index 000000000..3fea48ac7 --- /dev/null +++ b/experimental/mocks/service/catalog/mock_credentials_interface.go @@ -0,0 +1,596 @@ +// Code generated by mockery v2.43.0. DO NOT EDIT. + +package catalog + +import ( + context "context" + + catalog "github.com/databricks/databricks-sdk-go/service/catalog" + + listing "github.com/databricks/databricks-sdk-go/listing" + + mock "github.com/stretchr/testify/mock" +) + +// MockCredentialsInterface is an autogenerated mock type for the CredentialsInterface type +type MockCredentialsInterface struct { + mock.Mock +} + +type MockCredentialsInterface_Expecter struct { + mock *mock.Mock +} + +func (_m *MockCredentialsInterface) EXPECT() *MockCredentialsInterface_Expecter { + return &MockCredentialsInterface_Expecter{mock: &_m.Mock} +} + +// CreateCredential provides a mock function with given fields: ctx, request +func (_m *MockCredentialsInterface) CreateCredential(ctx context.Context, request catalog.CreateCredentialRequest) (*catalog.CredentialInfo, error) { + ret := _m.Called(ctx, request) + + if len(ret) == 0 { + panic("no return value specified for CreateCredential") + } + + var r0 *catalog.CredentialInfo + var r1 error + if rf, ok := ret.Get(0).(func(context.Context, catalog.CreateCredentialRequest) (*catalog.CredentialInfo, error)); ok { + return rf(ctx, request) + } + if rf, ok := ret.Get(0).(func(context.Context, catalog.CreateCredentialRequest) *catalog.CredentialInfo); ok { + r0 = rf(ctx, request) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*catalog.CredentialInfo) + } + } + + if rf, ok := ret.Get(1).(func(context.Context, catalog.CreateCredentialRequest) error); ok { + r1 = rf(ctx, request) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + +// MockCredentialsInterface_CreateCredential_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'CreateCredential' +type MockCredentialsInterface_CreateCredential_Call struct { + *mock.Call +} + +// CreateCredential is a helper method to define mock.On call +// - ctx context.Context +// - request catalog.CreateCredentialRequest +func (_e *MockCredentialsInterface_Expecter) CreateCredential(ctx interface{}, request interface{}) *MockCredentialsInterface_CreateCredential_Call { + return &MockCredentialsInterface_CreateCredential_Call{Call: _e.mock.On("CreateCredential", ctx, request)} +} + +func (_c *MockCredentialsInterface_CreateCredential_Call) Run(run func(ctx context.Context, request catalog.CreateCredentialRequest)) *MockCredentialsInterface_CreateCredential_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(context.Context), args[1].(catalog.CreateCredentialRequest)) + }) + return _c +} + +func (_c *MockCredentialsInterface_CreateCredential_Call) Return(_a0 *catalog.CredentialInfo, _a1 error) *MockCredentialsInterface_CreateCredential_Call { + _c.Call.Return(_a0, _a1) + return _c +} + +func (_c *MockCredentialsInterface_CreateCredential_Call) RunAndReturn(run func(context.Context, catalog.CreateCredentialRequest) (*catalog.CredentialInfo, error)) *MockCredentialsInterface_CreateCredential_Call { + _c.Call.Return(run) + return _c +} + +// DeleteCredential provides a mock function with given fields: ctx, request +func (_m *MockCredentialsInterface) DeleteCredential(ctx context.Context, request catalog.DeleteCredentialRequest) error { + ret := _m.Called(ctx, request) + + if len(ret) == 0 { + panic("no return value specified for DeleteCredential") + } + + var r0 error + if rf, ok := ret.Get(0).(func(context.Context, catalog.DeleteCredentialRequest) error); ok { + r0 = rf(ctx, request) + } else { + r0 = ret.Error(0) + } + + return r0 +} + +// MockCredentialsInterface_DeleteCredential_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'DeleteCredential' +type MockCredentialsInterface_DeleteCredential_Call struct { + *mock.Call +} + +// DeleteCredential is a helper method to define mock.On call +// - ctx context.Context +// - request catalog.DeleteCredentialRequest +func (_e *MockCredentialsInterface_Expecter) DeleteCredential(ctx interface{}, request interface{}) *MockCredentialsInterface_DeleteCredential_Call { + return &MockCredentialsInterface_DeleteCredential_Call{Call: _e.mock.On("DeleteCredential", ctx, request)} +} + +func (_c *MockCredentialsInterface_DeleteCredential_Call) Run(run func(ctx context.Context, request catalog.DeleteCredentialRequest)) *MockCredentialsInterface_DeleteCredential_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(context.Context), args[1].(catalog.DeleteCredentialRequest)) + }) + return _c +} + +func (_c *MockCredentialsInterface_DeleteCredential_Call) Return(_a0 error) *MockCredentialsInterface_DeleteCredential_Call { + _c.Call.Return(_a0) + return _c +} + +func (_c *MockCredentialsInterface_DeleteCredential_Call) RunAndReturn(run func(context.Context, catalog.DeleteCredentialRequest) error) *MockCredentialsInterface_DeleteCredential_Call { + _c.Call.Return(run) + return _c +} + +// DeleteCredentialByNameArg provides a mock function with given fields: ctx, nameArg +func (_m *MockCredentialsInterface) DeleteCredentialByNameArg(ctx context.Context, nameArg string) error { + ret := _m.Called(ctx, nameArg) + + if len(ret) == 0 { + panic("no return value specified for DeleteCredentialByNameArg") + } + + var r0 error + if rf, ok := ret.Get(0).(func(context.Context, string) error); ok { + r0 = rf(ctx, nameArg) + } else { + r0 = ret.Error(0) + } + + return r0 +} + +// MockCredentialsInterface_DeleteCredentialByNameArg_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'DeleteCredentialByNameArg' +type MockCredentialsInterface_DeleteCredentialByNameArg_Call struct { + *mock.Call +} + +// DeleteCredentialByNameArg is a helper method to define mock.On call +// - ctx context.Context +// - nameArg string +func (_e *MockCredentialsInterface_Expecter) DeleteCredentialByNameArg(ctx interface{}, nameArg interface{}) *MockCredentialsInterface_DeleteCredentialByNameArg_Call { + return &MockCredentialsInterface_DeleteCredentialByNameArg_Call{Call: _e.mock.On("DeleteCredentialByNameArg", ctx, nameArg)} +} + +func (_c *MockCredentialsInterface_DeleteCredentialByNameArg_Call) Run(run func(ctx context.Context, nameArg string)) *MockCredentialsInterface_DeleteCredentialByNameArg_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(context.Context), args[1].(string)) + }) + return _c +} + +func (_c *MockCredentialsInterface_DeleteCredentialByNameArg_Call) Return(_a0 error) *MockCredentialsInterface_DeleteCredentialByNameArg_Call { + _c.Call.Return(_a0) + return _c +} + +func (_c *MockCredentialsInterface_DeleteCredentialByNameArg_Call) RunAndReturn(run func(context.Context, string) error) *MockCredentialsInterface_DeleteCredentialByNameArg_Call { + _c.Call.Return(run) + return _c +} + +// GenerateTemporaryServiceCredential provides a mock function with given fields: ctx, request +func (_m *MockCredentialsInterface) GenerateTemporaryServiceCredential(ctx context.Context, request catalog.GenerateTemporaryServiceCredentialRequest) (*catalog.TemporaryCredentials, error) { + ret := _m.Called(ctx, request) + + if len(ret) == 0 { + panic("no return value specified for GenerateTemporaryServiceCredential") + } + + var r0 *catalog.TemporaryCredentials + var r1 error + if rf, ok := ret.Get(0).(func(context.Context, catalog.GenerateTemporaryServiceCredentialRequest) (*catalog.TemporaryCredentials, error)); ok { + return rf(ctx, request) + } + if rf, ok := ret.Get(0).(func(context.Context, catalog.GenerateTemporaryServiceCredentialRequest) *catalog.TemporaryCredentials); ok { + r0 = rf(ctx, request) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*catalog.TemporaryCredentials) + } + } + + if rf, ok := ret.Get(1).(func(context.Context, catalog.GenerateTemporaryServiceCredentialRequest) error); ok { + r1 = rf(ctx, request) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + +// MockCredentialsInterface_GenerateTemporaryServiceCredential_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GenerateTemporaryServiceCredential' +type MockCredentialsInterface_GenerateTemporaryServiceCredential_Call struct { + *mock.Call +} + +// GenerateTemporaryServiceCredential is a helper method to define mock.On call +// - ctx context.Context +// - request catalog.GenerateTemporaryServiceCredentialRequest +func (_e *MockCredentialsInterface_Expecter) GenerateTemporaryServiceCredential(ctx interface{}, request interface{}) *MockCredentialsInterface_GenerateTemporaryServiceCredential_Call { + return &MockCredentialsInterface_GenerateTemporaryServiceCredential_Call{Call: _e.mock.On("GenerateTemporaryServiceCredential", ctx, request)} +} + +func (_c *MockCredentialsInterface_GenerateTemporaryServiceCredential_Call) Run(run func(ctx context.Context, request catalog.GenerateTemporaryServiceCredentialRequest)) *MockCredentialsInterface_GenerateTemporaryServiceCredential_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(context.Context), args[1].(catalog.GenerateTemporaryServiceCredentialRequest)) + }) + return _c +} + +func (_c *MockCredentialsInterface_GenerateTemporaryServiceCredential_Call) Return(_a0 *catalog.TemporaryCredentials, _a1 error) *MockCredentialsInterface_GenerateTemporaryServiceCredential_Call { + _c.Call.Return(_a0, _a1) + return _c +} + +func (_c *MockCredentialsInterface_GenerateTemporaryServiceCredential_Call) RunAndReturn(run func(context.Context, catalog.GenerateTemporaryServiceCredentialRequest) (*catalog.TemporaryCredentials, error)) *MockCredentialsInterface_GenerateTemporaryServiceCredential_Call { + _c.Call.Return(run) + return _c +} + +// GetCredential provides a mock function with given fields: ctx, request +func (_m *MockCredentialsInterface) GetCredential(ctx context.Context, request catalog.GetCredentialRequest) (*catalog.CredentialInfo, error) { + ret := _m.Called(ctx, request) + + if len(ret) == 0 { + panic("no return value specified for GetCredential") + } + + var r0 *catalog.CredentialInfo + var r1 error + if rf, ok := ret.Get(0).(func(context.Context, catalog.GetCredentialRequest) (*catalog.CredentialInfo, error)); ok { + return rf(ctx, request) + } + if rf, ok := ret.Get(0).(func(context.Context, catalog.GetCredentialRequest) *catalog.CredentialInfo); ok { + r0 = rf(ctx, request) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*catalog.CredentialInfo) + } + } + + if rf, ok := ret.Get(1).(func(context.Context, catalog.GetCredentialRequest) error); ok { + r1 = rf(ctx, request) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + +// MockCredentialsInterface_GetCredential_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetCredential' +type MockCredentialsInterface_GetCredential_Call struct { + *mock.Call +} + +// GetCredential is a helper method to define mock.On call +// - ctx context.Context +// - request catalog.GetCredentialRequest +func (_e *MockCredentialsInterface_Expecter) GetCredential(ctx interface{}, request interface{}) *MockCredentialsInterface_GetCredential_Call { + return &MockCredentialsInterface_GetCredential_Call{Call: _e.mock.On("GetCredential", ctx, request)} +} + +func (_c *MockCredentialsInterface_GetCredential_Call) Run(run func(ctx context.Context, request catalog.GetCredentialRequest)) *MockCredentialsInterface_GetCredential_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(context.Context), args[1].(catalog.GetCredentialRequest)) + }) + return _c +} + +func (_c *MockCredentialsInterface_GetCredential_Call) Return(_a0 *catalog.CredentialInfo, _a1 error) *MockCredentialsInterface_GetCredential_Call { + _c.Call.Return(_a0, _a1) + return _c +} + +func (_c *MockCredentialsInterface_GetCredential_Call) RunAndReturn(run func(context.Context, catalog.GetCredentialRequest) (*catalog.CredentialInfo, error)) *MockCredentialsInterface_GetCredential_Call { + _c.Call.Return(run) + return _c +} + +// GetCredentialByNameArg provides a mock function with given fields: ctx, nameArg +func (_m *MockCredentialsInterface) GetCredentialByNameArg(ctx context.Context, nameArg string) (*catalog.CredentialInfo, error) { + ret := _m.Called(ctx, nameArg) + + if len(ret) == 0 { + panic("no return value specified for GetCredentialByNameArg") + } + + var r0 *catalog.CredentialInfo + var r1 error + if rf, ok := ret.Get(0).(func(context.Context, string) (*catalog.CredentialInfo, error)); ok { + return rf(ctx, nameArg) + } + if rf, ok := ret.Get(0).(func(context.Context, string) *catalog.CredentialInfo); ok { + r0 = rf(ctx, nameArg) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*catalog.CredentialInfo) + } + } + + if rf, ok := ret.Get(1).(func(context.Context, string) error); ok { + r1 = rf(ctx, nameArg) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + +// MockCredentialsInterface_GetCredentialByNameArg_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetCredentialByNameArg' +type MockCredentialsInterface_GetCredentialByNameArg_Call struct { + *mock.Call +} + +// GetCredentialByNameArg is a helper method to define mock.On call +// - ctx context.Context +// - nameArg string +func (_e *MockCredentialsInterface_Expecter) GetCredentialByNameArg(ctx interface{}, nameArg interface{}) *MockCredentialsInterface_GetCredentialByNameArg_Call { + return &MockCredentialsInterface_GetCredentialByNameArg_Call{Call: _e.mock.On("GetCredentialByNameArg", ctx, nameArg)} +} + +func (_c *MockCredentialsInterface_GetCredentialByNameArg_Call) Run(run func(ctx context.Context, nameArg string)) *MockCredentialsInterface_GetCredentialByNameArg_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(context.Context), args[1].(string)) + }) + return _c +} + +func (_c *MockCredentialsInterface_GetCredentialByNameArg_Call) Return(_a0 *catalog.CredentialInfo, _a1 error) *MockCredentialsInterface_GetCredentialByNameArg_Call { + _c.Call.Return(_a0, _a1) + return _c +} + +func (_c *MockCredentialsInterface_GetCredentialByNameArg_Call) RunAndReturn(run func(context.Context, string) (*catalog.CredentialInfo, error)) *MockCredentialsInterface_GetCredentialByNameArg_Call { + _c.Call.Return(run) + return _c +} + +// ListCredentials provides a mock function with given fields: ctx, request +func (_m *MockCredentialsInterface) ListCredentials(ctx context.Context, request catalog.ListCredentialsRequest) listing.Iterator[catalog.CredentialInfo] { + ret := _m.Called(ctx, request) + + if len(ret) == 0 { + panic("no return value specified for ListCredentials") + } + + var r0 listing.Iterator[catalog.CredentialInfo] + if rf, ok := ret.Get(0).(func(context.Context, catalog.ListCredentialsRequest) listing.Iterator[catalog.CredentialInfo]); ok { + r0 = rf(ctx, request) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(listing.Iterator[catalog.CredentialInfo]) + } + } + + return r0 +} + +// MockCredentialsInterface_ListCredentials_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'ListCredentials' +type MockCredentialsInterface_ListCredentials_Call struct { + *mock.Call +} + +// ListCredentials is a helper method to define mock.On call +// - ctx context.Context +// - request catalog.ListCredentialsRequest +func (_e *MockCredentialsInterface_Expecter) ListCredentials(ctx interface{}, request interface{}) *MockCredentialsInterface_ListCredentials_Call { + return &MockCredentialsInterface_ListCredentials_Call{Call: _e.mock.On("ListCredentials", ctx, request)} +} + +func (_c *MockCredentialsInterface_ListCredentials_Call) Run(run func(ctx context.Context, request catalog.ListCredentialsRequest)) *MockCredentialsInterface_ListCredentials_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(context.Context), args[1].(catalog.ListCredentialsRequest)) + }) + return _c +} + +func (_c *MockCredentialsInterface_ListCredentials_Call) Return(_a0 listing.Iterator[catalog.CredentialInfo]) *MockCredentialsInterface_ListCredentials_Call { + _c.Call.Return(_a0) + return _c +} + +func (_c *MockCredentialsInterface_ListCredentials_Call) RunAndReturn(run func(context.Context, catalog.ListCredentialsRequest) listing.Iterator[catalog.CredentialInfo]) *MockCredentialsInterface_ListCredentials_Call { + _c.Call.Return(run) + return _c +} + +// ListCredentialsAll provides a mock function with given fields: ctx, request +func (_m *MockCredentialsInterface) ListCredentialsAll(ctx context.Context, request catalog.ListCredentialsRequest) ([]catalog.CredentialInfo, error) { + ret := _m.Called(ctx, request) + + if len(ret) == 0 { + panic("no return value specified for ListCredentialsAll") + } + + var r0 []catalog.CredentialInfo + var r1 error + if rf, ok := ret.Get(0).(func(context.Context, catalog.ListCredentialsRequest) ([]catalog.CredentialInfo, error)); ok { + return rf(ctx, request) + } + if rf, ok := ret.Get(0).(func(context.Context, catalog.ListCredentialsRequest) []catalog.CredentialInfo); ok { + r0 = rf(ctx, request) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).([]catalog.CredentialInfo) + } + } + + if rf, ok := ret.Get(1).(func(context.Context, catalog.ListCredentialsRequest) error); ok { + r1 = rf(ctx, request) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + +// MockCredentialsInterface_ListCredentialsAll_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'ListCredentialsAll' +type MockCredentialsInterface_ListCredentialsAll_Call struct { + *mock.Call +} + +// ListCredentialsAll is a helper method to define mock.On call +// - ctx context.Context +// - request catalog.ListCredentialsRequest +func (_e *MockCredentialsInterface_Expecter) ListCredentialsAll(ctx interface{}, request interface{}) *MockCredentialsInterface_ListCredentialsAll_Call { + return &MockCredentialsInterface_ListCredentialsAll_Call{Call: _e.mock.On("ListCredentialsAll", ctx, request)} +} + +func (_c *MockCredentialsInterface_ListCredentialsAll_Call) Run(run func(ctx context.Context, request catalog.ListCredentialsRequest)) *MockCredentialsInterface_ListCredentialsAll_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(context.Context), args[1].(catalog.ListCredentialsRequest)) + }) + return _c +} + +func (_c *MockCredentialsInterface_ListCredentialsAll_Call) Return(_a0 []catalog.CredentialInfo, _a1 error) *MockCredentialsInterface_ListCredentialsAll_Call { + _c.Call.Return(_a0, _a1) + return _c +} + +func (_c *MockCredentialsInterface_ListCredentialsAll_Call) RunAndReturn(run func(context.Context, catalog.ListCredentialsRequest) ([]catalog.CredentialInfo, error)) *MockCredentialsInterface_ListCredentialsAll_Call { + _c.Call.Return(run) + return _c +} + +// UpdateCredential provides a mock function with given fields: ctx, request +func (_m *MockCredentialsInterface) UpdateCredential(ctx context.Context, request catalog.UpdateCredentialRequest) (*catalog.CredentialInfo, error) { + ret := _m.Called(ctx, request) + + if len(ret) == 0 { + panic("no return value specified for UpdateCredential") + } + + var r0 *catalog.CredentialInfo + var r1 error + if rf, ok := ret.Get(0).(func(context.Context, catalog.UpdateCredentialRequest) (*catalog.CredentialInfo, error)); ok { + return rf(ctx, request) + } + if rf, ok := ret.Get(0).(func(context.Context, catalog.UpdateCredentialRequest) *catalog.CredentialInfo); ok { + r0 = rf(ctx, request) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*catalog.CredentialInfo) + } + } + + if rf, ok := ret.Get(1).(func(context.Context, catalog.UpdateCredentialRequest) error); ok { + r1 = rf(ctx, request) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + +// MockCredentialsInterface_UpdateCredential_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'UpdateCredential' +type MockCredentialsInterface_UpdateCredential_Call struct { + *mock.Call +} + +// UpdateCredential is a helper method to define mock.On call +// - ctx context.Context +// - request catalog.UpdateCredentialRequest +func (_e *MockCredentialsInterface_Expecter) UpdateCredential(ctx interface{}, request interface{}) *MockCredentialsInterface_UpdateCredential_Call { + return &MockCredentialsInterface_UpdateCredential_Call{Call: _e.mock.On("UpdateCredential", ctx, request)} +} + +func (_c *MockCredentialsInterface_UpdateCredential_Call) Run(run func(ctx context.Context, request catalog.UpdateCredentialRequest)) *MockCredentialsInterface_UpdateCredential_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(context.Context), args[1].(catalog.UpdateCredentialRequest)) + }) + return _c +} + +func (_c *MockCredentialsInterface_UpdateCredential_Call) Return(_a0 *catalog.CredentialInfo, _a1 error) *MockCredentialsInterface_UpdateCredential_Call { + _c.Call.Return(_a0, _a1) + return _c +} + +func (_c *MockCredentialsInterface_UpdateCredential_Call) RunAndReturn(run func(context.Context, catalog.UpdateCredentialRequest) (*catalog.CredentialInfo, error)) *MockCredentialsInterface_UpdateCredential_Call { + _c.Call.Return(run) + return _c +} + +// ValidateCredential provides a mock function with given fields: ctx, request +func (_m *MockCredentialsInterface) ValidateCredential(ctx context.Context, request catalog.ValidateCredentialRequest) (*catalog.ValidateCredentialResponse, error) { + ret := _m.Called(ctx, request) + + if len(ret) == 0 { + panic("no return value specified for ValidateCredential") + } + + var r0 *catalog.ValidateCredentialResponse + var r1 error + if rf, ok := ret.Get(0).(func(context.Context, catalog.ValidateCredentialRequest) (*catalog.ValidateCredentialResponse, error)); ok { + return rf(ctx, request) + } + if rf, ok := ret.Get(0).(func(context.Context, catalog.ValidateCredentialRequest) *catalog.ValidateCredentialResponse); ok { + r0 = rf(ctx, request) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*catalog.ValidateCredentialResponse) + } + } + + if rf, ok := ret.Get(1).(func(context.Context, catalog.ValidateCredentialRequest) error); ok { + r1 = rf(ctx, request) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + +// MockCredentialsInterface_ValidateCredential_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'ValidateCredential' +type MockCredentialsInterface_ValidateCredential_Call struct { + *mock.Call +} + +// ValidateCredential is a helper method to define mock.On call +// - ctx context.Context +// - request catalog.ValidateCredentialRequest +func (_e *MockCredentialsInterface_Expecter) ValidateCredential(ctx interface{}, request interface{}) *MockCredentialsInterface_ValidateCredential_Call { + return &MockCredentialsInterface_ValidateCredential_Call{Call: _e.mock.On("ValidateCredential", ctx, request)} +} + +func (_c *MockCredentialsInterface_ValidateCredential_Call) Run(run func(ctx context.Context, request catalog.ValidateCredentialRequest)) *MockCredentialsInterface_ValidateCredential_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(context.Context), args[1].(catalog.ValidateCredentialRequest)) + }) + return _c +} + +func (_c *MockCredentialsInterface_ValidateCredential_Call) Return(_a0 *catalog.ValidateCredentialResponse, _a1 error) *MockCredentialsInterface_ValidateCredential_Call { + _c.Call.Return(_a0, _a1) + return _c +} + +func (_c *MockCredentialsInterface_ValidateCredential_Call) RunAndReturn(run func(context.Context, catalog.ValidateCredentialRequest) (*catalog.ValidateCredentialResponse, error)) *MockCredentialsInterface_ValidateCredential_Call { + _c.Call.Return(run) + return _c +} + +// NewMockCredentialsInterface creates a new instance of MockCredentialsInterface. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. +// The first argument is typically a *testing.T value. +func NewMockCredentialsInterface(t interface { + mock.TestingT + Cleanup(func()) +}) *MockCredentialsInterface { + mock := &MockCredentialsInterface{} + mock.Mock.Test(t) + + t.Cleanup(func() { mock.AssertExpectations(t) }) + + return mock +} diff --git a/service/apps/api.go b/service/apps/api.go index a20d298af..59f7aa2ff 100755 --- a/service/apps/api.go +++ b/service/apps/api.go @@ -143,8 +143,9 @@ type AppsInterface interface { // Set app permissions. // - // Sets permissions on an app. Apps can inherit permissions from their root - // object. + // Sets permissions on an object, replacing existing permissions if they exist. + // Deletes all direct permissions if none are specified. Objects can inherit + // permissions from their root object. SetPermissions(ctx context.Context, request AppPermissionsRequest) (*AppPermissions, error) // Start an app. diff --git a/service/apps/interface.go b/service/apps/interface.go index df88eec6a..154a65620 100755 --- a/service/apps/interface.go +++ b/service/apps/interface.go @@ -64,8 +64,9 @@ type AppsService interface { // Set app permissions. // - // Sets permissions on an app. Apps can inherit permissions from their root - // object. + // Sets permissions on an object, replacing existing permissions if they + // exist. Deletes all direct permissions if none are specified. Objects can + // inherit permissions from their root object. SetPermissions(ctx context.Context, request AppPermissionsRequest) (*AppPermissions, error) // Start an app. diff --git a/service/catalog/api.go b/service/catalog/api.go index 3d7fc6a7e..191788ac5 100755 --- a/service/catalog/api.go +++ b/service/catalog/api.go @@ -1,6 +1,6 @@ // Code generated from OpenAPI specs by Databricks SDK Generator. DO NOT EDIT. -// These APIs allow you to manage Account Metastore Assignments, Account Metastores, Account Storage Credentials, Artifact Allowlists, Catalogs, Connections, External Locations, Functions, Grants, Metastores, Model Versions, Online Tables, Quality Monitors, Registered Models, Resource Quotas, Schemas, Storage Credentials, System Schemas, Table Constraints, Tables, Temporary Table Credentials, Volumes, Workspace Bindings, etc. +// These APIs allow you to manage Account Metastore Assignments, Account Metastores, Account Storage Credentials, Artifact Allowlists, Catalogs, Connections, Credentials, External Locations, Functions, Grants, Metastores, Model Versions, Online Tables, Quality Monitors, Registered Models, Resource Quotas, Schemas, Storage Credentials, System Schemas, Table Constraints, Tables, Temporary Table Credentials, Volumes, Workspace Bindings, etc. package catalog import ( @@ -787,6 +787,177 @@ func (a *ConnectionsAPI) ConnectionInfoNameToFullNameMap(ctx context.Context, re return mapping, nil } +type CredentialsInterface interface { + + // Create a credential. + // + // Creates a new credential. + CreateCredential(ctx context.Context, request CreateCredentialRequest) (*CredentialInfo, error) + + // Delete a credential. + // + // Deletes a credential from the metastore. The caller must be an owner of the + // credential. + DeleteCredential(ctx context.Context, request DeleteCredentialRequest) error + + // Delete a credential. + // + // Deletes a credential from the metastore. The caller must be an owner of the + // credential. + DeleteCredentialByNameArg(ctx context.Context, nameArg string) error + + // Generate a temporary service credential. + // + // Returns a set of temporary credentials generated using the specified service + // credential. The caller must be a metastore admin or have the metastore + // privilege **ACCESS** on the service credential. + GenerateTemporaryServiceCredential(ctx context.Context, request GenerateTemporaryServiceCredentialRequest) (*TemporaryCredentials, error) + + // Get a credential. + // + // Gets a credential from the metastore. The caller must be a metastore admin, + // the owner of the credential, or have any permission on the credential. + GetCredential(ctx context.Context, request GetCredentialRequest) (*CredentialInfo, error) + + // Get a credential. + // + // Gets a credential from the metastore. The caller must be a metastore admin, + // the owner of the credential, or have any permission on the credential. + GetCredentialByNameArg(ctx context.Context, nameArg string) (*CredentialInfo, error) + + // List credentials. + // + // Gets an array of credentials (as __CredentialInfo__ objects). + // + // The array is limited to only the credentials that the caller has permission + // to access. If the caller is a metastore admin, retrieval of credentials is + // unrestricted. There is no guarantee of a specific ordering of the elements in + // the array. + // + // This method is generated by Databricks SDK Code Generator. + ListCredentials(ctx context.Context, request ListCredentialsRequest) listing.Iterator[CredentialInfo] + + // List credentials. + // + // Gets an array of credentials (as __CredentialInfo__ objects). + // + // The array is limited to only the credentials that the caller has permission + // to access. If the caller is a metastore admin, retrieval of credentials is + // unrestricted. There is no guarantee of a specific ordering of the elements in + // the array. + // + // This method is generated by Databricks SDK Code Generator. + ListCredentialsAll(ctx context.Context, request ListCredentialsRequest) ([]CredentialInfo, error) + + // Update a credential. + // + // Updates a credential on the metastore. + // + // The caller must be the owner of the credential or a metastore admin or have + // the `MANAGE` permission. If the caller is a metastore admin, only the + // __owner__ field can be changed. + UpdateCredential(ctx context.Context, request UpdateCredentialRequest) (*CredentialInfo, error) + + // Validate a credential. + // + // Validates a credential. + // + // Either the __credential_name__ or the cloud-specific credential must be + // provided. + // + // The caller must be a metastore admin or the credential owner. + ValidateCredential(ctx context.Context, request ValidateCredentialRequest) (*ValidateCredentialResponse, error) +} + +func NewCredentials(client *client.DatabricksClient) *CredentialsAPI { + return &CredentialsAPI{ + credentialsImpl: credentialsImpl{ + client: client, + }, + } +} + +// A credential represents an authentication and authorization mechanism for +// accessing services on your cloud tenant. Each credential is subject to Unity +// Catalog access-control policies that control which users and groups can +// access the credential. +// +// To create credentials, you must be a Databricks account admin or have the +// `CREATE SERVICE CREDENTIAL privilege. The user who creates the credential can +// delegate ownership to another user or group to manage permissions on it +type CredentialsAPI struct { + credentialsImpl +} + +// Delete a credential. +// +// Deletes a credential from the metastore. The caller must be an owner of the +// credential. +func (a *CredentialsAPI) DeleteCredentialByNameArg(ctx context.Context, nameArg string) error { + return a.credentialsImpl.DeleteCredential(ctx, DeleteCredentialRequest{ + NameArg: nameArg, + }) +} + +// Get a credential. +// +// Gets a credential from the metastore. The caller must be a metastore admin, +// the owner of the credential, or have any permission on the credential. +func (a *CredentialsAPI) GetCredentialByNameArg(ctx context.Context, nameArg string) (*CredentialInfo, error) { + return a.credentialsImpl.GetCredential(ctx, GetCredentialRequest{ + NameArg: nameArg, + }) +} + +// List credentials. +// +// Gets an array of credentials (as __CredentialInfo__ objects). +// +// The array is limited to only the credentials that the caller has permission +// to access. If the caller is a metastore admin, retrieval of credentials is +// unrestricted. There is no guarantee of a specific ordering of the elements in +// the array. +// +// This method is generated by Databricks SDK Code Generator. +func (a *CredentialsAPI) ListCredentials(ctx context.Context, request ListCredentialsRequest) listing.Iterator[CredentialInfo] { + + getNextPage := func(ctx context.Context, req ListCredentialsRequest) (*ListCredentialsResponse, error) { + ctx = useragent.InContext(ctx, "sdk-feature", "pagination") + return a.credentialsImpl.ListCredentials(ctx, req) + } + getItems := func(resp *ListCredentialsResponse) []CredentialInfo { + return resp.Credentials + } + getNextReq := func(resp *ListCredentialsResponse) *ListCredentialsRequest { + if resp.NextPageToken == "" { + return nil + } + request.PageToken = resp.NextPageToken + return &request + } + iterator := listing.NewIterator( + &request, + getNextPage, + getItems, + getNextReq) + return iterator +} + +// List credentials. +// +// Gets an array of credentials (as __CredentialInfo__ objects). +// +// The array is limited to only the credentials that the caller has permission +// to access. If the caller is a metastore admin, retrieval of credentials is +// unrestricted. There is no guarantee of a specific ordering of the elements in +// the array. +// +// This method is generated by Databricks SDK Code Generator. +func (a *CredentialsAPI) ListCredentialsAll(ctx context.Context, request ListCredentialsRequest) ([]CredentialInfo, error) { + iterator := a.ListCredentials(ctx, request) + return listing.ToSlice[CredentialInfo](ctx, iterator) +} + type ExternalLocationsInterface interface { // Create an external location. diff --git a/service/catalog/impl.go b/service/catalog/impl.go index 6f06d77c1..78c34e52d 100755 --- a/service/catalog/impl.go +++ b/service/catalog/impl.go @@ -294,6 +294,78 @@ func (a *connectionsImpl) Update(ctx context.Context, request UpdateConnection) return &connectionInfo, err } +// unexported type that holds implementations of just Credentials API methods +type credentialsImpl struct { + client *client.DatabricksClient +} + +func (a *credentialsImpl) CreateCredential(ctx context.Context, request CreateCredentialRequest) (*CredentialInfo, error) { + var credentialInfo CredentialInfo + path := "/api/2.1/unity-catalog/credentials" + headers := make(map[string]string) + headers["Accept"] = "application/json" + headers["Content-Type"] = "application/json" + err := a.client.Do(ctx, http.MethodPost, path, headers, request, &credentialInfo) + return &credentialInfo, err +} + +func (a *credentialsImpl) DeleteCredential(ctx context.Context, request DeleteCredentialRequest) error { + var deleteCredentialResponse DeleteCredentialResponse + path := fmt.Sprintf("/api/2.1/unity-catalog/credentials/%v", request.NameArg) + headers := make(map[string]string) + headers["Accept"] = "application/json" + err := a.client.Do(ctx, http.MethodDelete, path, headers, request, &deleteCredentialResponse) + return err +} + +func (a *credentialsImpl) GenerateTemporaryServiceCredential(ctx context.Context, request GenerateTemporaryServiceCredentialRequest) (*TemporaryCredentials, error) { + var temporaryCredentials TemporaryCredentials + path := "/api/2.1/unity-catalog/temporary-service-credentials" + headers := make(map[string]string) + headers["Accept"] = "application/json" + headers["Content-Type"] = "application/json" + err := a.client.Do(ctx, http.MethodPost, path, headers, request, &temporaryCredentials) + return &temporaryCredentials, err +} + +func (a *credentialsImpl) GetCredential(ctx context.Context, request GetCredentialRequest) (*CredentialInfo, error) { + var credentialInfo CredentialInfo + path := fmt.Sprintf("/api/2.1/unity-catalog/credentials/%v", request.NameArg) + headers := make(map[string]string) + headers["Accept"] = "application/json" + err := a.client.Do(ctx, http.MethodGet, path, headers, request, &credentialInfo) + return &credentialInfo, err +} + +func (a *credentialsImpl) ListCredentials(ctx context.Context, request ListCredentialsRequest) (*ListCredentialsResponse, error) { + var listCredentialsResponse ListCredentialsResponse + path := "/api/2.1/unity-catalog/credentials" + headers := make(map[string]string) + headers["Accept"] = "application/json" + err := a.client.Do(ctx, http.MethodGet, path, headers, request, &listCredentialsResponse) + return &listCredentialsResponse, err +} + +func (a *credentialsImpl) UpdateCredential(ctx context.Context, request UpdateCredentialRequest) (*CredentialInfo, error) { + var credentialInfo CredentialInfo + path := fmt.Sprintf("/api/2.1/unity-catalog/credentials/%v", request.NameArg) + headers := make(map[string]string) + headers["Accept"] = "application/json" + headers["Content-Type"] = "application/json" + err := a.client.Do(ctx, http.MethodPatch, path, headers, request, &credentialInfo) + return &credentialInfo, err +} + +func (a *credentialsImpl) ValidateCredential(ctx context.Context, request ValidateCredentialRequest) (*ValidateCredentialResponse, error) { + var validateCredentialResponse ValidateCredentialResponse + path := "/api/2.1/unity-catalog/validate-credentials" + headers := make(map[string]string) + headers["Accept"] = "application/json" + headers["Content-Type"] = "application/json" + err := a.client.Do(ctx, http.MethodPost, path, headers, request, &validateCredentialResponse) + return &validateCredentialResponse, err +} + // unexported type that holds implementations of just ExternalLocations API methods type externalLocationsImpl struct { client *client.DatabricksClient diff --git a/service/catalog/interface.go b/service/catalog/interface.go index 5466721d9..85d13f41d 100755 --- a/service/catalog/interface.go +++ b/service/catalog/interface.go @@ -234,6 +234,73 @@ type ConnectionsService interface { Update(ctx context.Context, request UpdateConnection) (*ConnectionInfo, error) } +// A credential represents an authentication and authorization mechanism for +// accessing services on your cloud tenant. Each credential is subject to Unity +// Catalog access-control policies that control which users and groups can +// access the credential. +// +// To create credentials, you must be a Databricks account admin or have the +// `CREATE SERVICE CREDENTIAL privilege. The user who creates the credential can +// delegate ownership to another user or group to manage permissions on it +type CredentialsService interface { + + // Create a credential. + // + // Creates a new credential. + CreateCredential(ctx context.Context, request CreateCredentialRequest) (*CredentialInfo, error) + + // Delete a credential. + // + // Deletes a credential from the metastore. The caller must be an owner of + // the credential. + DeleteCredential(ctx context.Context, request DeleteCredentialRequest) error + + // Generate a temporary service credential. + // + // Returns a set of temporary credentials generated using the specified + // service credential. The caller must be a metastore admin or have the + // metastore privilege **ACCESS** on the service credential. + GenerateTemporaryServiceCredential(ctx context.Context, request GenerateTemporaryServiceCredentialRequest) (*TemporaryCredentials, error) + + // Get a credential. + // + // Gets a credential from the metastore. The caller must be a metastore + // admin, the owner of the credential, or have any permission on the + // credential. + GetCredential(ctx context.Context, request GetCredentialRequest) (*CredentialInfo, error) + + // List credentials. + // + // Gets an array of credentials (as __CredentialInfo__ objects). + // + // The array is limited to only the credentials that the caller has + // permission to access. If the caller is a metastore admin, retrieval of + // credentials is unrestricted. There is no guarantee of a specific ordering + // of the elements in the array. + // + // Use ListCredentialsAll() to get all CredentialInfo instances, which will iterate over every result page. + ListCredentials(ctx context.Context, request ListCredentialsRequest) (*ListCredentialsResponse, error) + + // Update a credential. + // + // Updates a credential on the metastore. + // + // The caller must be the owner of the credential or a metastore admin or + // have the `MANAGE` permission. If the caller is a metastore admin, only + // the __owner__ field can be changed. + UpdateCredential(ctx context.Context, request UpdateCredentialRequest) (*CredentialInfo, error) + + // Validate a credential. + // + // Validates a credential. + // + // Either the __credential_name__ or the cloud-specific credential must be + // provided. + // + // The caller must be a metastore admin or the credential owner. + ValidateCredential(ctx context.Context, request ValidateCredentialRequest) (*ValidateCredentialResponse, error) +} + // An external location is an object that combines a cloud storage path with a // storage credential that authorizes access to the cloud storage path. Each // external location is subject to Unity Catalog access-control policies that diff --git a/service/catalog/model.go b/service/catalog/model.go index 4c48f561a..055d53103 100755 --- a/service/catalog/model.go +++ b/service/catalog/model.go @@ -147,6 +147,29 @@ func (s AwsCredentials) MarshalJSON() ([]byte, error) { return marshal.Marshal(s) } +// The AWS IAM role configuration +type AwsIamRole struct { + // The external ID used in role assumption to prevent the confused deputy + // problem. + ExternalId string `json:"external_id,omitempty"` + // The Amazon Resource Name (ARN) of the AWS IAM role used to vend temporary + // credentials. + RoleArn string `json:"role_arn,omitempty"` + // The Amazon Resource Name (ARN) of the AWS IAM user managed by Databricks. + // This is the identity that is going to assume the AWS IAM role. + UnityCatalogIamArn string `json:"unity_catalog_iam_arn,omitempty"` + + ForceSendFields []string `json:"-"` +} + +func (s *AwsIamRole) UnmarshalJSON(b []byte) error { + return marshal.Unmarshal(b, s) +} + +func (s AwsIamRole) MarshalJSON() ([]byte, error) { + return marshal.Marshal(s) +} + type AwsIamRoleRequest struct { // The Amazon Resource Name (ARN) of the AWS IAM role for S3 data access. RoleArn string `json:"role_arn"` @@ -173,6 +196,55 @@ func (s AwsIamRoleResponse) MarshalJSON() ([]byte, error) { return marshal.Marshal(s) } +// Azure Active Directory token, essentially the Oauth token for Azure Service +// Principal or Managed Identity. Read more at +// https://learn.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/aad/service-prin-aad-token +type AzureActiveDirectoryToken struct { + // Opaque token that contains claims that you can use in Azure Active + // Directory to access cloud services. + AadToken string `json:"aad_token,omitempty"` + + ForceSendFields []string `json:"-"` +} + +func (s *AzureActiveDirectoryToken) UnmarshalJSON(b []byte) error { + return marshal.Unmarshal(b, s) +} + +func (s AzureActiveDirectoryToken) MarshalJSON() ([]byte, error) { + return marshal.Marshal(s) +} + +// The Azure managed identity configuration. +type AzureManagedIdentity struct { + // The Azure resource ID of the Azure Databricks Access Connector. Use the + // format + // `/subscriptions/{guid}/resourceGroups/{rg-name}/providers/Microsoft.Databricks/accessConnectors/{connector-name}`. + AccessConnectorId string `json:"access_connector_id,omitempty"` + // The Databricks internal ID that represents this managed identity. This + // field is only used to persist the credential_id once it is fetched from + // the credentials manager - as we only use the protobuf serializer to store + // credentials, this ID gets persisted to the database. . + CredentialId string `json:"credential_id,omitempty"` + // The Azure resource ID of the managed identity. Use the format, + // `/subscriptions/{guid}/resourceGroups/{rg-name}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identity-name}` + // This is only available for user-assgined identities. For system-assigned + // identities, the access_connector_id is used to identify the identity. If + // this field is not provided, then we assume the AzureManagedIdentity is + // using the system-assigned identity. + ManagedIdentityId string `json:"managed_identity_id,omitempty"` + + ForceSendFields []string `json:"-"` +} + +func (s *AzureManagedIdentity) UnmarshalJSON(b []byte) error { + return marshal.Unmarshal(b, s) +} + +func (s AzureManagedIdentity) MarshalJSON() ([]byte, error) { + return marshal.Marshal(s) +} + type AzureManagedIdentityRequest struct { // The Azure resource ID of the Azure Databricks Access Connector. Use the // format @@ -550,6 +622,8 @@ const ColumnTypeNameTimestampNtz ColumnTypeName = `TIMESTAMP_NTZ` const ColumnTypeNameUserDefinedType ColumnTypeName = `USER_DEFINED_TYPE` +const ColumnTypeNameVariant ColumnTypeName = `VARIANT` + // String representation for [fmt.Print] func (f *ColumnTypeName) String() string { return string(*f) @@ -558,11 +632,11 @@ func (f *ColumnTypeName) String() string { // Set raw string value and validate it against allowed values func (f *ColumnTypeName) Set(v string) error { switch v { - case `ARRAY`, `BINARY`, `BOOLEAN`, `BYTE`, `CHAR`, `DATE`, `DECIMAL`, `DOUBLE`, `FLOAT`, `INT`, `INTERVAL`, `LONG`, `MAP`, `NULL`, `SHORT`, `STRING`, `STRUCT`, `TABLE_TYPE`, `TIMESTAMP`, `TIMESTAMP_NTZ`, `USER_DEFINED_TYPE`: + case `ARRAY`, `BINARY`, `BOOLEAN`, `BYTE`, `CHAR`, `DATE`, `DECIMAL`, `DOUBLE`, `FLOAT`, `INT`, `INTERVAL`, `LONG`, `MAP`, `NULL`, `SHORT`, `STRING`, `STRUCT`, `TABLE_TYPE`, `TIMESTAMP`, `TIMESTAMP_NTZ`, `USER_DEFINED_TYPE`, `VARIANT`: *f = ColumnTypeName(v) return nil default: - return fmt.Errorf(`value "%s" is not one of "ARRAY", "BINARY", "BOOLEAN", "BYTE", "CHAR", "DATE", "DECIMAL", "DOUBLE", "FLOAT", "INT", "INTERVAL", "LONG", "MAP", "NULL", "SHORT", "STRING", "STRUCT", "TABLE_TYPE", "TIMESTAMP", "TIMESTAMP_NTZ", "USER_DEFINED_TYPE"`, v) + return fmt.Errorf(`value "%s" is not one of "ARRAY", "BINARY", "BOOLEAN", "BYTE", "CHAR", "DATE", "DECIMAL", "DOUBLE", "FLOAT", "INT", "INTERVAL", "LONG", "MAP", "NULL", "SHORT", "STRING", "STRUCT", "TABLE_TYPE", "TIMESTAMP", "TIMESTAMP_NTZ", "USER_DEFINED_TYPE", "VARIANT"`, v) } } @@ -801,6 +875,33 @@ func (s CreateConnection) MarshalJSON() ([]byte, error) { return marshal.Marshal(s) } +type CreateCredentialRequest struct { + // The AWS IAM role configuration + AwsIamRole *AwsIamRole `json:"aws_iam_role,omitempty"` + // The Azure managed identity configuration. + AzureManagedIdentity *AzureManagedIdentity `json:"azure_managed_identity,omitempty"` + // Comment associated with the credential. + Comment string `json:"comment,omitempty"` + // The credential name. The name must be unique among storage and service + // credentials within the metastore. + Name string `json:"name,omitempty"` + // Indicates the purpose of the credential. + Purpose CredentialPurpose `json:"purpose,omitempty"` + // Optional. Supplying true to this argument skips validation of the created + // set of credentials. + SkipValidation bool `json:"skip_validation,omitempty"` + + ForceSendFields []string `json:"-"` +} + +func (s *CreateCredentialRequest) UnmarshalJSON(b []byte) error { + return marshal.Unmarshal(b, s) +} + +func (s CreateCredentialRequest) MarshalJSON() ([]byte, error) { + return marshal.Marshal(s) +} + type CreateExternalLocation struct { // The AWS access point to use when accesing s3 for this external location. AccessPoint string `json:"access_point,omitempty"` @@ -956,7 +1057,7 @@ func (f *CreateFunctionRoutineBody) Type() string { return "CreateFunctionRoutineBody" } -// Function security type. +// The security type of the function. type CreateFunctionSecurityType string const CreateFunctionSecurityTypeDefiner CreateFunctionSecurityType = `DEFINER` @@ -1218,6 +1319,74 @@ func (s CreateVolumeRequestContent) MarshalJSON() ([]byte, error) { return marshal.Marshal(s) } +type CredentialInfo struct { + // The AWS IAM role configuration + AwsIamRole *AwsIamRole `json:"aws_iam_role,omitempty"` + // The Azure managed identity configuration. + AzureManagedIdentity *AzureManagedIdentity `json:"azure_managed_identity,omitempty"` + // Comment associated with the credential. + Comment string `json:"comment,omitempty"` + // Time at which this credential was created, in epoch milliseconds. + CreatedAt int64 `json:"created_at,omitempty"` + // Username of credential creator. + CreatedBy string `json:"created_by,omitempty"` + // The full name of the credential. + FullName string `json:"full_name,omitempty"` + // The unique identifier of the credential. + Id string `json:"id,omitempty"` + // Whether the current securable is accessible from all workspaces or a + // specific set of workspaces. + IsolationMode IsolationMode `json:"isolation_mode,omitempty"` + // Unique identifier of the parent metastore. + MetastoreId string `json:"metastore_id,omitempty"` + // The credential name. The name must be unique among storage and service + // credentials within the metastore. + Name string `json:"name,omitempty"` + // Username of current owner of credential. + Owner string `json:"owner,omitempty"` + // Indicates the purpose of the credential. + Purpose CredentialPurpose `json:"purpose,omitempty"` + // Time at which this credential was last modified, in epoch milliseconds. + UpdatedAt int64 `json:"updated_at,omitempty"` + // Username of user who last modified the credential. + UpdatedBy string `json:"updated_by,omitempty"` + + ForceSendFields []string `json:"-"` +} + +func (s *CredentialInfo) UnmarshalJSON(b []byte) error { + return marshal.Unmarshal(b, s) +} + +func (s CredentialInfo) MarshalJSON() ([]byte, error) { + return marshal.Marshal(s) +} + +type CredentialPurpose string + +const CredentialPurposeService CredentialPurpose = `SERVICE` + +// String representation for [fmt.Print] +func (f *CredentialPurpose) String() string { + return string(*f) +} + +// Set raw string value and validate it against allowed values +func (f *CredentialPurpose) Set(v string) error { + switch v { + case `SERVICE`: + *f = CredentialPurpose(v) + return nil + default: + return fmt.Errorf(`value "%s" is not one of "SERVICE"`, v) + } +} + +// Type always returns CredentialPurpose to satisfy [pflag.Value] interface +func (f *CredentialPurpose) Type() string { + return "CredentialPurpose" +} + // The type of credential. type CredentialType string @@ -1246,6 +1415,23 @@ func (f *CredentialType) Type() string { return "CredentialType" } +type CredentialValidationResult struct { + // Error message would exist when the result does not equal to **PASS**. + Message string `json:"message,omitempty"` + // The results of the tested operation. + Result ValidateCredentialResult `json:"result,omitempty"` + + ForceSendFields []string `json:"-"` +} + +func (s *CredentialValidationResult) UnmarshalJSON(b []byte) error { + return marshal.Unmarshal(b, s) +} + +func (s CredentialValidationResult) MarshalJSON() ([]byte, error) { + return marshal.Marshal(s) +} + // Currently assigned workspaces type CurrentWorkspaceBindings struct { // A list of workspace IDs. @@ -1425,6 +1611,27 @@ type DeleteConnectionRequest struct { Name string `json:"-" url:"-"` } +// Delete a credential +type DeleteCredentialRequest struct { + // Force deletion even if there are dependent services. + Force bool `json:"-" url:"force,omitempty"` + // Name of the credential. + NameArg string `json:"-" url:"-"` + + ForceSendFields []string `json:"-"` +} + +func (s *DeleteCredentialRequest) UnmarshalJSON(b []byte) error { + return marshal.Unmarshal(b, s) +} + +func (s DeleteCredentialRequest) MarshalJSON() ([]byte, error) { + return marshal.Marshal(s) +} + +type DeleteCredentialResponse struct { +} + // Delete an external location type DeleteExternalLocationRequest struct { // Force deletion even if there are dependent external tables or mounts. @@ -1779,8 +1986,7 @@ type ExternalLocationInfo struct { // When fallback mode is enabled, the access to the location falls back to // cluster credentials if UC credentials are not sufficient. Fallback bool `json:"fallback,omitempty"` - // Whether the current securable is accessible from all workspaces or a - // specific set of workspaces. + IsolationMode IsolationMode `json:"isolation_mode,omitempty"` // Unique identifier of metastore hosting the external location. MetastoreId string `json:"metastore_id,omitempty"` @@ -1988,7 +2194,7 @@ func (f *FunctionInfoRoutineBody) Type() string { return "FunctionInfoRoutineBody" } -// Function security type. +// The security type of the function. type FunctionInfoSecurityType string const FunctionInfoSecurityTypeDefiner FunctionInfoSecurityType = `DEFINER` @@ -2157,6 +2363,32 @@ func (s GcpOauthToken) MarshalJSON() ([]byte, error) { return marshal.Marshal(s) } +// Options to customize the requested temporary credential +type GenerateTemporaryServiceCredentialAzureOptions struct { + // The resources to which the temporary Azure credential should apply. These + // resources are the scopes that are passed to the token provider (see + // https://learn.microsoft.com/python/api/azure-core/azure.core.credentials.tokencredential?view=azure-python) + Resources []string `json:"resources,omitempty"` +} + +type GenerateTemporaryServiceCredentialRequest struct { + // Options to customize the requested temporary credential + AzureOptions *GenerateTemporaryServiceCredentialAzureOptions `json:"azure_options,omitempty"` + // The name of the service credential used to generate a temporary + // credential + CredentialName string `json:"credential_name,omitempty"` + + ForceSendFields []string `json:"-"` +} + +func (s *GenerateTemporaryServiceCredentialRequest) UnmarshalJSON(b []byte) error { + return marshal.Unmarshal(b, s) +} + +func (s GenerateTemporaryServiceCredentialRequest) MarshalJSON() ([]byte, error) { + return marshal.Marshal(s) +} + type GenerateTemporaryTableCredentialRequest struct { // The operation performed against the table data, either READ or // READ_WRITE. If READ_WRITE is specified, the credentials returned will @@ -2180,6 +2412,10 @@ type GenerateTemporaryTableCredentialResponse struct { // AWS temporary credentials for API authentication. Read more at // https://docs.aws.amazon.com/STS/latest/APIReference/API_Credentials.html. AwsTempCredentials *AwsCredentials `json:"aws_temp_credentials,omitempty"` + // Azure Active Directory token, essentially the Oauth token for Azure + // Service Principal or Managed Identity. Read more at + // https://learn.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/aad/service-prin-aad-token + AzureAad *AzureActiveDirectoryToken `json:"azure_aad,omitempty"` // Azure temporary credentials for API authentication. Read more at // https://docs.microsoft.com/en-us/rest/api/storageservices/create-user-delegation-sas AzureUserDelegationSas *AzureUserDelegationSas `json:"azure_user_delegation_sas,omitempty"` @@ -2265,6 +2501,8 @@ const GetBindingsSecurableTypeCatalog GetBindingsSecurableType = `catalog` const GetBindingsSecurableTypeExternalLocation GetBindingsSecurableType = `external_location` +const GetBindingsSecurableTypeServiceCredential GetBindingsSecurableType = `service_credential` + const GetBindingsSecurableTypeStorageCredential GetBindingsSecurableType = `storage_credential` // String representation for [fmt.Print] @@ -2275,11 +2513,11 @@ func (f *GetBindingsSecurableType) String() string { // Set raw string value and validate it against allowed values func (f *GetBindingsSecurableType) Set(v string) error { switch v { - case `catalog`, `external_location`, `storage_credential`: + case `catalog`, `external_location`, `service_credential`, `storage_credential`: *f = GetBindingsSecurableType(v) return nil default: - return fmt.Errorf(`value "%s" is not one of "catalog", "external_location", "storage_credential"`, v) + return fmt.Errorf(`value "%s" is not one of "catalog", "external_location", "service_credential", "storage_credential"`, v) } } @@ -2334,6 +2572,12 @@ type GetConnectionRequest struct { Name string `json:"-" url:"-"` } +// Get a credential +type GetCredentialRequest struct { + // Name of the credential. + NameArg string `json:"-" url:"-"` +} + // Get effective permissions type GetEffectiveRequest struct { // Full name of securable. @@ -2640,8 +2884,6 @@ type GetWorkspaceBindingRequest struct { Name string `json:"-" url:"-"` } -// Whether the current securable is accessible from all workspaces or a specific -// set of workspaces. type IsolationMode string const IsolationModeIsolationModeIsolated IsolationMode = `ISOLATION_MODE_ISOLATED` @@ -2781,6 +3023,48 @@ func (s ListConnectionsResponse) MarshalJSON() ([]byte, error) { return marshal.Marshal(s) } +// List credentials +type ListCredentialsRequest struct { + // Maximum number of credentials to return. - If not set, the default max + // page size is used. - When set to a value greater than 0, the page length + // is the minimum of this value and a server-configured value. - When set to + // 0, the page length is set to a server-configured value (recommended). - + // When set to a value less than 0, an invalid parameter error is returned. + MaxResults int `json:"-" url:"max_results,omitempty"` + // Opaque token to retrieve the next page of results. + PageToken string `json:"-" url:"page_token,omitempty"` + // Return only credentials for the specified purpose. + Purpose CredentialPurpose `json:"-" url:"purpose,omitempty"` + + ForceSendFields []string `json:"-"` +} + +func (s *ListCredentialsRequest) UnmarshalJSON(b []byte) error { + return marshal.Unmarshal(b, s) +} + +func (s ListCredentialsRequest) MarshalJSON() ([]byte, error) { + return marshal.Marshal(s) +} + +type ListCredentialsResponse struct { + Credentials []CredentialInfo `json:"credentials,omitempty"` + // Opaque token to retrieve the next page of results. Absent if there are no + // more pages. __page_token__ should be set to this value for the next + // request (for the next page of results). + NextPageToken string `json:"next_page_token,omitempty"` + + ForceSendFields []string `json:"-"` +} + +func (s *ListCredentialsResponse) UnmarshalJSON(b []byte) error { + return marshal.Unmarshal(b, s) +} + +func (s ListCredentialsResponse) MarshalJSON() ([]byte, error) { + return marshal.Marshal(s) +} + // List external locations type ListExternalLocationsRequest struct { // Whether to include external locations in the response for which the @@ -3240,6 +3524,9 @@ type ListTablesRequest struct { OmitColumns bool `json:"-" url:"omit_columns,omitempty"` // Whether to omit the properties of the table from the response or not. OmitProperties bool `json:"-" url:"omit_properties,omitempty"` + // Whether to omit the username of the table (e.g. owner, updated_by, + // created_by) from the response or not. + OmitUsername bool `json:"-" url:"omit_username,omitempty"` // Opaque token to send for the next page of results (pagination). PageToken string `json:"-" url:"page_token,omitempty"` // Parent schema of tables. @@ -4591,6 +4878,8 @@ const SecurableTypeCatalog SecurableType = `catalog` const SecurableTypeConnection SecurableType = `connection` +const SecurableTypeCredential SecurableType = `credential` + const SecurableTypeExternalLocation SecurableType = `external_location` const SecurableTypeFunction SecurableType = `function` @@ -4621,11 +4910,11 @@ func (f *SecurableType) String() string { // Set raw string value and validate it against allowed values func (f *SecurableType) Set(v string) error { switch v { - case `catalog`, `connection`, `external_location`, `function`, `metastore`, `pipeline`, `provider`, `recipient`, `schema`, `share`, `storage_credential`, `table`, `volume`: + case `catalog`, `connection`, `credential`, `external_location`, `function`, `metastore`, `pipeline`, `provider`, `recipient`, `schema`, `share`, `storage_credential`, `table`, `volume`: *f = SecurableType(v) return nil default: - return fmt.Errorf(`value "%s" is not one of "catalog", "connection", "external_location", "function", "metastore", "pipeline", "provider", "recipient", "schema", "share", "storage_credential", "table", "volume"`, v) + return fmt.Errorf(`value "%s" is not one of "catalog", "connection", "credential", "external_location", "function", "metastore", "pipeline", "provider", "recipient", "schema", "share", "storage_credential", "table", "volume"`, v) } } @@ -4714,10 +5003,11 @@ type StorageCredentialInfo struct { CreatedBy string `json:"created_by,omitempty"` // The Databricks managed GCP service account configuration. DatabricksGcpServiceAccount *DatabricksGcpServiceAccountResponse `json:"databricks_gcp_service_account,omitempty"` + // The full name of the credential. + FullName string `json:"full_name,omitempty"` // The unique identifier of the credential. Id string `json:"id,omitempty"` - // Whether the current securable is accessible from all workspaces or a - // specific set of workspaces. + IsolationMode IsolationMode `json:"isolation_mode,omitempty"` // Unique identifier of parent metastore. MetastoreId string `json:"metastore_id,omitempty"` @@ -5014,6 +5304,29 @@ func (f *TableType) Type() string { return "TableType" } +type TemporaryCredentials struct { + // AWS temporary credentials for API authentication. Read more at + // https://docs.aws.amazon.com/STS/latest/APIReference/API_Credentials.html. + AwsTempCredentials *AwsCredentials `json:"aws_temp_credentials,omitempty"` + // Azure Active Directory token, essentially the Oauth token for Azure + // Service Principal or Managed Identity. Read more at + // https://learn.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/aad/service-prin-aad-token + AzureAad *AzureActiveDirectoryToken `json:"azure_aad,omitempty"` + // Server time when the credential will expire, in epoch milliseconds. The + // API client is advised to cache the credential given this expiration time. + ExpirationTime int64 `json:"expiration_time,omitempty"` + + ForceSendFields []string `json:"-"` +} + +func (s *TemporaryCredentials) UnmarshalJSON(b []byte) error { + return marshal.Unmarshal(b, s) +} + +func (s TemporaryCredentials) MarshalJSON() ([]byte, error) { + return marshal.Marshal(s) +} + // Detailed status of an online table. Shown if the online table is in the // ONLINE_TRIGGERED_UPDATE or the ONLINE_NO_PENDING_UPDATE state. type TriggeredUpdateStatus struct { @@ -5058,6 +5371,8 @@ const UpdateBindingsSecurableTypeCatalog UpdateBindingsSecurableType = `catalog` const UpdateBindingsSecurableTypeExternalLocation UpdateBindingsSecurableType = `external_location` +const UpdateBindingsSecurableTypeServiceCredential UpdateBindingsSecurableType = `service_credential` + const UpdateBindingsSecurableTypeStorageCredential UpdateBindingsSecurableType = `storage_credential` // String representation for [fmt.Print] @@ -5068,11 +5383,11 @@ func (f *UpdateBindingsSecurableType) String() string { // Set raw string value and validate it against allowed values func (f *UpdateBindingsSecurableType) Set(v string) error { switch v { - case `catalog`, `external_location`, `storage_credential`: + case `catalog`, `external_location`, `service_credential`, `storage_credential`: *f = UpdateBindingsSecurableType(v) return nil default: - return fmt.Errorf(`value "%s" is not one of "catalog", "external_location", "storage_credential"`, v) + return fmt.Errorf(`value "%s" is not one of "catalog", "external_location", "service_credential", "storage_credential"`, v) } } @@ -5131,6 +5446,39 @@ func (s UpdateConnection) MarshalJSON() ([]byte, error) { return marshal.Marshal(s) } +type UpdateCredentialRequest struct { + // The AWS IAM role configuration + AwsIamRole *AwsIamRole `json:"aws_iam_role,omitempty"` + // The Azure managed identity configuration. + AzureManagedIdentity *AzureManagedIdentity `json:"azure_managed_identity,omitempty"` + // Comment associated with the credential. + Comment string `json:"comment,omitempty"` + // Force update even if there are dependent services. + Force bool `json:"force,omitempty"` + // Whether the current securable is accessible from all workspaces or a + // specific set of workspaces. + IsolationMode IsolationMode `json:"isolation_mode,omitempty"` + // Name of the credential. + NameArg string `json:"-" url:"-"` + // New name of credential. + NewName string `json:"new_name,omitempty"` + // Username of current owner of credential. + Owner string `json:"owner,omitempty"` + // Supply true to this argument to skip validation of the updated + // credential. + SkipValidation bool `json:"skip_validation,omitempty"` + + ForceSendFields []string `json:"-"` +} + +func (s *UpdateCredentialRequest) UnmarshalJSON(b []byte) error { + return marshal.Unmarshal(b, s) +} + +func (s UpdateCredentialRequest) MarshalJSON() ([]byte, error) { + return marshal.Marshal(s) +} + type UpdateExternalLocation struct { // The AWS access point to use when accesing s3 for this external location. AccessPoint string `json:"access_point,omitempty"` @@ -5147,8 +5495,7 @@ type UpdateExternalLocation struct { // Force update even if changing url invalidates dependent external tables // or mounts. Force bool `json:"force,omitempty"` - // Whether the current securable is accessible from all workspaces or a - // specific set of workspaces. + IsolationMode IsolationMode `json:"isolation_mode,omitempty"` // Name of the external location. Name string `json:"-" url:"-"` @@ -5413,8 +5760,7 @@ type UpdateStorageCredential struct { // Force update even if there are dependent external locations or external // tables. Force bool `json:"force,omitempty"` - // Whether the current securable is accessible from all workspaces or a - // specific set of workspaces. + IsolationMode IsolationMode `json:"isolation_mode,omitempty"` // Name of the storage credential. Name string `json:"-" url:"-"` @@ -5498,6 +5844,64 @@ type UpdateWorkspaceBindingsParameters struct { SecurableType UpdateBindingsSecurableType `json:"-" url:"-"` } +type ValidateCredentialRequest struct { + // The AWS IAM role configuration + AwsIamRole *AwsIamRole `json:"aws_iam_role,omitempty"` + // The Azure managed identity configuration. + AzureManagedIdentity *AzureManagedIdentity `json:"azure_managed_identity,omitempty"` + // Required. The name of an existing credential or long-lived cloud + // credential to validate. + CredentialName string `json:"credential_name,omitempty"` + // The purpose of the credential. This should only be used when the + // credential is specified. + Purpose CredentialPurpose `json:"purpose,omitempty"` + + ForceSendFields []string `json:"-"` +} + +func (s *ValidateCredentialRequest) UnmarshalJSON(b []byte) error { + return marshal.Unmarshal(b, s) +} + +func (s ValidateCredentialRequest) MarshalJSON() ([]byte, error) { + return marshal.Marshal(s) +} + +type ValidateCredentialResponse struct { + // The results of the validation check. + Results []CredentialValidationResult `json:"results,omitempty"` +} + +// A enum represents the result of the file operation +type ValidateCredentialResult string + +const ValidateCredentialResultFail ValidateCredentialResult = `FAIL` + +const ValidateCredentialResultPass ValidateCredentialResult = `PASS` + +const ValidateCredentialResultSkip ValidateCredentialResult = `SKIP` + +// String representation for [fmt.Print] +func (f *ValidateCredentialResult) String() string { + return string(*f) +} + +// Set raw string value and validate it against allowed values +func (f *ValidateCredentialResult) Set(v string) error { + switch v { + case `FAIL`, `PASS`, `SKIP`: + *f = ValidateCredentialResult(v) + return nil + default: + return fmt.Errorf(`value "%s" is not one of "FAIL", "PASS", "SKIP"`, v) + } +} + +// Type always returns ValidateCredentialResult to satisfy [pflag.Value] interface +func (f *ValidateCredentialResult) Type() string { + return "ValidateCredentialResult" +} + type ValidateStorageCredential struct { // The AWS IAM role configuration. AwsIamRole *AwsIamRoleRequest `json:"aws_iam_role,omitempty"` diff --git a/service/compute/api.go b/service/compute/api.go index f036c90a3..89b6b6e61 100755 --- a/service/compute/api.go +++ b/service/compute/api.go @@ -107,7 +107,8 @@ type ClusterPoliciesInterface interface { // Set cluster policy permissions. // - // Sets permissions on a cluster policy. Cluster policies can inherit + // Sets permissions on an object, replacing existing permissions if they exist. + // Deletes all direct permissions if none are specified. Objects can inherit // permissions from their root object. SetPermissions(ctx context.Context, request ClusterPolicyPermissionsRequest) (*ClusterPolicyPermissions, error) @@ -536,8 +537,9 @@ type ClustersInterface interface { // Set cluster permissions. // - // Sets permissions on a cluster. Clusters can inherit permissions from their - // root object. + // Sets permissions on an object, replacing existing permissions if they exist. + // Deletes all direct permissions if none are specified. Objects can inherit + // permissions from their root object. SetPermissions(ctx context.Context, request ClusterPermissionsRequest) (*ClusterPermissions, error) // List available Spark versions. @@ -2100,8 +2102,9 @@ type InstancePoolsInterface interface { // Set instance pool permissions. // - // Sets permissions on an instance pool. Instance pools can inherit permissions - // from their root object. + // Sets permissions on an object, replacing existing permissions if they exist. + // Deletes all direct permissions if none are specified. Objects can inherit + // permissions from their root object. SetPermissions(ctx context.Context, request InstancePoolPermissionsRequest) (*InstancePoolPermissions, error) // Update instance pool permissions. diff --git a/service/compute/interface.go b/service/compute/interface.go index 92b5d9af8..05ecfd19f 100755 --- a/service/compute/interface.go +++ b/service/compute/interface.go @@ -74,8 +74,9 @@ type ClusterPoliciesService interface { // Set cluster policy permissions. // - // Sets permissions on a cluster policy. Cluster policies can inherit - // permissions from their root object. + // Sets permissions on an object, replacing existing permissions if they + // exist. Deletes all direct permissions if none are specified. Objects can + // inherit permissions from their root object. SetPermissions(ctx context.Context, request ClusterPolicyPermissionsRequest) (*ClusterPolicyPermissions, error) // Update cluster policy permissions. @@ -242,8 +243,9 @@ type ClustersService interface { // Set cluster permissions. // - // Sets permissions on a cluster. Clusters can inherit permissions from - // their root object. + // Sets permissions on an object, replacing existing permissions if they + // exist. Deletes all direct permissions if none are specified. Objects can + // inherit permissions from their root object. SetPermissions(ctx context.Context, request ClusterPermissionsRequest) (*ClusterPermissions, error) // List available Spark versions. @@ -446,8 +448,9 @@ type InstancePoolsService interface { // Set instance pool permissions. // - // Sets permissions on an instance pool. Instance pools can inherit - // permissions from their root object. + // Sets permissions on an object, replacing existing permissions if they + // exist. Deletes all direct permissions if none are specified. Objects can + // inherit permissions from their root object. SetPermissions(ctx context.Context, request InstancePoolPermissionsRequest) (*InstancePoolPermissions, error) // Update instance pool permissions. diff --git a/service/compute/model.go b/service/compute/model.go index 7ce20880f..5ac509272 100755 --- a/service/compute/model.go +++ b/service/compute/model.go @@ -2188,7 +2188,7 @@ type EditCluster struct { // Attributes related to clusters running on Microsoft Azure. If not // specified at cluster creation, a set of default values will be used. AzureAttributes *AzureAttributes `json:"azure_attributes,omitempty"` - // ID of the cluser + // ID of the cluster ClusterId string `json:"cluster_id"` // The configuration for delivering spark logs to a long-term storage // destination. Two kinds of destinations (dbfs and s3) are supported. Only diff --git a/service/dashboards/model.go b/service/dashboards/model.go index 3f91f958d..bff2c3cbc 100755 --- a/service/dashboards/model.go +++ b/service/dashboards/model.go @@ -817,6 +817,8 @@ type Schedule struct { ScheduleId string `json:"schedule_id,omitempty"` // A timestamp indicating when the schedule was last updated. UpdateTime string `json:"update_time,omitempty"` + // The warehouse id to run the dashboard with for the schedule. + WarehouseId string `json:"warehouse_id,omitempty"` ForceSendFields []string `json:"-"` } diff --git a/service/iam/api.go b/service/iam/api.go index aa4a6e179..388b0a2f9 100755 --- a/service/iam/api.go +++ b/service/iam/api.go @@ -1011,8 +1011,9 @@ type PermissionsInterface interface { // Set object permissions. // - // Sets permissions on an object. Objects can inherit permissions from their - // parent objects or root object. + // Sets permissions on an object, replacing existing permissions if they exist. + // Deletes all direct permissions if none are specified. Objects can inherit + // permissions from their parent objects or root object. Set(ctx context.Context, request PermissionsRequest) (*ObjectPermissions, error) // Update object permissions. @@ -1404,8 +1405,9 @@ type UsersInterface interface { // Set password permissions. // - // Sets permissions on all passwords. Passwords can inherit permissions from - // their root object. + // Sets permissions on an object, replacing existing permissions if they exist. + // Deletes all direct permissions if none are specified. Objects can inherit + // permissions from their root object. SetPermissions(ctx context.Context, request PasswordPermissionsRequest) (*PasswordPermissions, error) // Replace a user. diff --git a/service/iam/interface.go b/service/iam/interface.go index 1d4a52192..0a76288c2 100755 --- a/service/iam/interface.go +++ b/service/iam/interface.go @@ -328,8 +328,9 @@ type PermissionsService interface { // Set object permissions. // - // Sets permissions on an object. Objects can inherit permissions from their - // parent objects or root object. + // Sets permissions on an object, replacing existing permissions if they + // exist. Deletes all direct permissions if none are specified. Objects can + // inherit permissions from their parent objects or root object. Set(ctx context.Context, request PermissionsRequest) (*ObjectPermissions, error) // Update object permissions. @@ -441,8 +442,9 @@ type UsersService interface { // Set password permissions. // - // Sets permissions on all passwords. Passwords can inherit permissions from - // their root object. + // Sets permissions on an object, replacing existing permissions if they + // exist. Deletes all direct permissions if none are specified. Objects can + // inherit permissions from their root object. SetPermissions(ctx context.Context, request PasswordPermissionsRequest) (*PasswordPermissions, error) // Replace a user. diff --git a/service/jobs/api.go b/service/jobs/api.go index 392707b0e..b34dbfec2 100755 --- a/service/jobs/api.go +++ b/service/jobs/api.go @@ -225,8 +225,9 @@ type JobsInterface interface { // Set job permissions. // - // Sets permissions on a job. Jobs can inherit permissions from their root - // object. + // Sets permissions on an object, replacing existing permissions if they exist. + // Deletes all direct permissions if none are specified. Objects can inherit + // permissions from their root object. SetPermissions(ctx context.Context, request JobPermissionsRequest) (*JobPermissions, error) // Create and trigger a one-time run. diff --git a/service/jobs/interface.go b/service/jobs/interface.go index b6a78fc2d..b1ce89b9e 100755 --- a/service/jobs/interface.go +++ b/service/jobs/interface.go @@ -127,8 +127,9 @@ type JobsService interface { // Set job permissions. // - // Sets permissions on a job. Jobs can inherit permissions from their root - // object. + // Sets permissions on an object, replacing existing permissions if they + // exist. Deletes all direct permissions if none are specified. Objects can + // inherit permissions from their root object. SetPermissions(ctx context.Context, request JobPermissionsRequest) (*JobPermissions, error) // Create and trigger a one-time run. diff --git a/service/jobs/model.go b/service/jobs/model.go index c8e99f852..5d874f21c 100755 --- a/service/jobs/model.go +++ b/service/jobs/model.go @@ -2907,6 +2907,9 @@ type RunNow struct { // [Task parameter variables]: https://docs.databricks.com/jobs.html#parameter-variables // [dbutils.widgets.get]: https://docs.databricks.com/dev-tools/databricks-utils.html NotebookParams map[string]string `json:"notebook_params,omitempty"` + // A list of task keys to run inside of the job. If this field is not + // provided, all tasks in the job will be run. + Only []string `json:"only,omitempty"` // Controls whether the pipeline should perform a full refresh PipelineParams *PipelineParams `json:"pipeline_params,omitempty"` diff --git a/service/ml/api.go b/service/ml/api.go index 0b5818059..c3c468759 100755 --- a/service/ml/api.go +++ b/service/ml/api.go @@ -292,8 +292,9 @@ type ExperimentsInterface interface { // Set experiment permissions. // - // Sets permissions on an experiment. Experiments can inherit permissions from - // their root object. + // Sets permissions on an object, replacing existing permissions if they exist. + // Deletes all direct permissions if none are specified. Objects can inherit + // permissions from their root object. SetPermissions(ctx context.Context, request ExperimentPermissionsRequest) (*ExperimentPermissions, error) // Set a tag. @@ -801,7 +802,8 @@ type ModelRegistryInterface interface { // Set registered model permissions. // - // Sets permissions on a registered model. Registered models can inherit + // Sets permissions on an object, replacing existing permissions if they exist. + // Deletes all direct permissions if none are specified. Objects can inherit // permissions from their root object. SetPermissions(ctx context.Context, request RegisteredModelPermissionsRequest) (*RegisteredModelPermissions, error) diff --git a/service/ml/interface.go b/service/ml/interface.go index f85cf28c1..5e43a0021 100755 --- a/service/ml/interface.go +++ b/service/ml/interface.go @@ -251,8 +251,9 @@ type ExperimentsService interface { // Set experiment permissions. // - // Sets permissions on an experiment. Experiments can inherit permissions - // from their root object. + // Sets permissions on an object, replacing existing permissions if they + // exist. Deletes all direct permissions if none are specified. Objects can + // inherit permissions from their root object. SetPermissions(ctx context.Context, request ExperimentPermissionsRequest) (*ExperimentPermissions, error) // Set a tag. @@ -460,8 +461,9 @@ type ModelRegistryService interface { // Set registered model permissions. // - // Sets permissions on a registered model. Registered models can inherit - // permissions from their root object. + // Sets permissions on an object, replacing existing permissions if they + // exist. Deletes all direct permissions if none are specified. Objects can + // inherit permissions from their root object. SetPermissions(ctx context.Context, request RegisteredModelPermissionsRequest) (*RegisteredModelPermissions, error) // Test a webhook. diff --git a/service/pipelines/api.go b/service/pipelines/api.go index 84fccc08a..6654fe5bf 100755 --- a/service/pipelines/api.go +++ b/service/pipelines/api.go @@ -141,8 +141,9 @@ type PipelinesInterface interface { // Set pipeline permissions. // - // Sets permissions on a pipeline. Pipelines can inherit permissions from their - // root object. + // Sets permissions on an object, replacing existing permissions if they exist. + // Deletes all direct permissions if none are specified. Objects can inherit + // permissions from their root object. SetPermissions(ctx context.Context, request PipelinePermissionsRequest) (*PipelinePermissions, error) // Start a pipeline. diff --git a/service/pipelines/interface.go b/service/pipelines/interface.go index 313f2015e..6753a6ba6 100755 --- a/service/pipelines/interface.go +++ b/service/pipelines/interface.go @@ -74,8 +74,9 @@ type PipelinesService interface { // Set pipeline permissions. // - // Sets permissions on a pipeline. Pipelines can inherit permissions from - // their root object. + // Sets permissions on an object, replacing existing permissions if they + // exist. Deletes all direct permissions if none are specified. Objects can + // inherit permissions from their root object. SetPermissions(ctx context.Context, request PipelinePermissionsRequest) (*PipelinePermissions, error) // Start a pipeline. diff --git a/service/pipelines/model.go b/service/pipelines/model.go index 0ce469857..c9b67cd4c 100755 --- a/service/pipelines/model.go +++ b/service/pipelines/model.go @@ -39,7 +39,7 @@ type CreatePipeline struct { Edition string `json:"edition,omitempty"` // Filters on which Pipeline packages to include in the deployed graph. Filters *Filters `json:"filters,omitempty"` - // The definition of a gateway pipeline to support CDC. + // The definition of a gateway pipeline to support change data capture. GatewayDefinition *IngestionGatewayPipelineDefinition `json:"gateway_definition,omitempty"` // Unique identifier for this pipeline. Id string `json:"id,omitempty"` @@ -54,6 +54,8 @@ type CreatePipeline struct { Notifications []Notifications `json:"notifications,omitempty"` // Whether Photon is enabled for this pipeline. Photon bool `json:"photon,omitempty"` + // Restart window of this pipeline. + RestartWindow *RestartWindow `json:"restart_window,omitempty"` // The default schema (database) where tables are read from or published to. // The presence of this field implies that the pipeline is in direct // publishing mode. @@ -198,7 +200,7 @@ type EditPipeline struct { ExpectedLastModified int64 `json:"expected_last_modified,omitempty"` // Filters on which Pipeline packages to include in the deployed graph. Filters *Filters `json:"filters,omitempty"` - // The definition of a gateway pipeline to support CDC. + // The definition of a gateway pipeline to support change data capture. GatewayDefinition *IngestionGatewayPipelineDefinition `json:"gateway_definition,omitempty"` // Unique identifier for this pipeline. Id string `json:"id,omitempty"` @@ -215,6 +217,8 @@ type EditPipeline struct { Photon bool `json:"photon,omitempty"` // Unique identifier for this pipeline. PipelineId string `json:"pipeline_id,omitempty" url:"-"` + // Restart window of this pipeline. + RestartWindow *RestartWindow `json:"restart_window,omitempty"` // The default schema (database) where tables are read from or published to. // The presence of this field implies that the pipeline is in direct // publishing mode. @@ -418,18 +422,22 @@ type GetUpdateResponse struct { } type IngestionConfig struct { - // Select tables from a specific source report. + // Select a specific source report. Report *ReportSpec `json:"report,omitempty"` - // Select tables from a specific source schema. + // Select all tables from a specific source schema. Schema *SchemaSpec `json:"schema,omitempty"` - // Select tables from a specific source table. + // Select a specific source table. Table *TableSpec `json:"table,omitempty"` } type IngestionGatewayPipelineDefinition struct { - // Immutable. The Unity Catalog connection this gateway pipeline uses to - // communicate with the source. + // [Deprecated, use connection_name instead] Immutable. The Unity Catalog + // connection that this gateway pipeline uses to communicate with the + // source. ConnectionId string `json:"connection_id,omitempty"` + // Immutable. The Unity Catalog connection that this gateway pipeline uses + // to communicate with the source. + ConnectionName string `json:"connection_name,omitempty"` // Required, Immutable. The name of the catalog for the gateway pipeline's // storage location. GatewayStorageCatalog string `json:"gateway_storage_catalog,omitempty"` @@ -454,13 +462,13 @@ func (s IngestionGatewayPipelineDefinition) MarshalJSON() ([]byte, error) { } type IngestionPipelineDefinition struct { - // Immutable. The Unity Catalog connection this ingestion pipeline uses to - // communicate with the source. Specify either ingestion_gateway_id or - // connection_name. + // Immutable. The Unity Catalog connection that this ingestion pipeline uses + // to communicate with the source. This is used with connectors for + // applications like Salesforce, Workday, and so on. ConnectionName string `json:"connection_name,omitempty"` - // Immutable. Identifier for the ingestion gateway used by this ingestion - // pipeline to communicate with the source. Specify either - // ingestion_gateway_id or connection_name. + // Immutable. Identifier for the gateway that is used by this ingestion + // pipeline to communicate with the source database. This is used with + // connectors to databases like SQL Server. IngestionGatewayId string `json:"ingestion_gateway_id,omitempty"` // Required. Settings specifying tables to replicate and the destination for // the replicated tables. @@ -1127,7 +1135,7 @@ type PipelineSpec struct { Edition string `json:"edition,omitempty"` // Filters on which Pipeline packages to include in the deployed graph. Filters *Filters `json:"filters,omitempty"` - // The definition of a gateway pipeline to support CDC. + // The definition of a gateway pipeline to support change data capture. GatewayDefinition *IngestionGatewayPipelineDefinition `json:"gateway_definition,omitempty"` // Unique identifier for this pipeline. Id string `json:"id,omitempty"` @@ -1142,6 +1150,8 @@ type PipelineSpec struct { Notifications []Notifications `json:"notifications,omitempty"` // Whether Photon is enabled for this pipeline. Photon bool `json:"photon,omitempty"` + // Restart window of this pipeline. + RestartWindow *RestartWindow `json:"restart_window,omitempty"` // The default schema (database) where tables are read from or published to. // The presence of this field implies that the pipeline is in direct // publishing mode. @@ -1301,6 +1311,71 @@ func (s ReportSpec) MarshalJSON() ([]byte, error) { return marshal.Marshal(s) } +type RestartWindow struct { + // Days of week in which the restart is allowed to happen (within a + // five-hour window starting at start_hour). If not specified all days of + // the week will be used. + DaysOfWeek RestartWindowDaysOfWeek `json:"days_of_week,omitempty"` + // An integer between 0 and 23 denoting the start hour for the restart + // window in the 24-hour day. Continuous pipeline restart is triggered only + // within a five-hour window starting at this hour. + StartHour int `json:"start_hour"` + // Time zone id of restart window. See + // https://docs.databricks.com/sql/language-manual/sql-ref-syntax-aux-conf-mgmt-set-timezone.html + // for details. If not specified, UTC will be used. + TimeZoneId string `json:"time_zone_id,omitempty"` + + ForceSendFields []string `json:"-"` +} + +func (s *RestartWindow) UnmarshalJSON(b []byte) error { + return marshal.Unmarshal(b, s) +} + +func (s RestartWindow) MarshalJSON() ([]byte, error) { + return marshal.Marshal(s) +} + +// Days of week in which the restart is allowed to happen (within a five-hour +// window starting at start_hour). If not specified all days of the week will be +// used. +type RestartWindowDaysOfWeek string + +const RestartWindowDaysOfWeekFriday RestartWindowDaysOfWeek = `FRIDAY` + +const RestartWindowDaysOfWeekMonday RestartWindowDaysOfWeek = `MONDAY` + +const RestartWindowDaysOfWeekSaturday RestartWindowDaysOfWeek = `SATURDAY` + +const RestartWindowDaysOfWeekSunday RestartWindowDaysOfWeek = `SUNDAY` + +const RestartWindowDaysOfWeekThursday RestartWindowDaysOfWeek = `THURSDAY` + +const RestartWindowDaysOfWeekTuesday RestartWindowDaysOfWeek = `TUESDAY` + +const RestartWindowDaysOfWeekWednesday RestartWindowDaysOfWeek = `WEDNESDAY` + +// String representation for [fmt.Print] +func (f *RestartWindowDaysOfWeek) String() string { + return string(*f) +} + +// Set raw string value and validate it against allowed values +func (f *RestartWindowDaysOfWeek) Set(v string) error { + switch v { + case `FRIDAY`, `MONDAY`, `SATURDAY`, `SUNDAY`, `THURSDAY`, `TUESDAY`, `WEDNESDAY`: + *f = RestartWindowDaysOfWeek(v) + return nil + default: + return fmt.Errorf(`value "%s" is not one of "FRIDAY", "MONDAY", "SATURDAY", "SUNDAY", "THURSDAY", "TUESDAY", "WEDNESDAY"`, v) + } +} + +// Type always returns RestartWindowDaysOfWeek to satisfy [pflag.Value] interface +func (f *RestartWindowDaysOfWeek) Type() string { + return "RestartWindowDaysOfWeek" +} + type SchemaSpec struct { // Required. Destination catalog to store tables. DestinationCatalog string `json:"destination_catalog,omitempty"` diff --git a/service/pkg.go b/service/pkg.go index a811484b2..29ad2cc62 100644 --- a/service/pkg.go +++ b/service/pkg.go @@ -22,8 +22,6 @@ // // - [catalog.CatalogsAPI]: A catalog is the first layer of Unity Catalog’s three-level namespace. // -// - [sharing.CleanRoomsAPI]: A clean room is a secure, privacy-protecting environment where two or more parties can share sensitive enterprise data, including customer data, for measurements, insights, activation and other use cases. -// // - [compute.ClusterPoliciesAPI]: You can use cluster policies to control users' ability to configure clusters based on a set of rules. // // - [compute.ClustersAPI]: The Clusters API allows you to create, start, edit, list, terminate, and delete clusters. @@ -44,6 +42,8 @@ // // - [marketplace.ConsumerProvidersAPI]: Providers are the entities that publish listings to the Marketplace. // +// - [catalog.CredentialsAPI]: A credential represents an authentication and authorization mechanism for accessing services on your cloud tenant. +// // - [provisioning.CredentialsAPI]: These APIs manage credential configurations for this workspace. // // - [settings.CredentialsManagerAPI]: Credentials manager interacts with with Identity Providers to to perform token exchanges using stored credentials and refresh tokens. @@ -299,7 +299,6 @@ var ( _ *settings.AutomaticClusterUpdateAPI = nil _ *billing.BillableUsageAPI = nil _ *catalog.CatalogsAPI = nil - _ *sharing.CleanRoomsAPI = nil _ *compute.ClusterPoliciesAPI = nil _ *compute.ClustersAPI = nil _ *compute.CommandExecutionAPI = nil @@ -311,6 +310,7 @@ var ( _ *marketplace.ConsumerPersonalizationRequestsAPI = nil _ *marketplace.ConsumerProvidersAPI = nil _ *provisioning.CredentialsAPI = nil + _ *catalog.CredentialsAPI = nil _ *settings.CredentialsManagerAPI = nil _ *settings.CspEnablementAccountAPI = nil _ *iam.CurrentUserAPI = nil diff --git a/service/provisioning/model.go b/service/provisioning/model.go index ca8e3959a..ddaa35c85 100755 --- a/service/provisioning/model.go +++ b/service/provisioning/model.go @@ -1031,6 +1031,9 @@ type UpdateWorkspaceRequest struct { // switch from a Databricks-managed VPC to a customer-managed VPC by // updating the workspace to add a network configuration ID. NetworkId string `json:"network_id,omitempty"` + // The ID of the workspace's private access settings configuration object. + // This parameter is available only for updating failed workspaces. + PrivateAccessSettingsId string `json:"private_access_settings_id,omitempty"` // The ID of the workspace's storage configuration object. This parameter is // available only for updating failed workspaces. StorageConfigurationId string `json:"storage_configuration_id,omitempty"` diff --git a/service/serving/api.go b/service/serving/api.go index 3f73673e7..cddbdd737 100755 --- a/service/serving/api.go +++ b/service/serving/api.go @@ -150,7 +150,8 @@ type ServingEndpointsInterface interface { // Set serving endpoint permissions. // - // Sets permissions on a serving endpoint. Serving endpoints can inherit + // Sets permissions on an object, replacing existing permissions if they exist. + // Deletes all direct permissions if none are specified. Objects can inherit // permissions from their root object. SetPermissions(ctx context.Context, request ServingEndpointPermissionsRequest) (*ServingEndpointPermissions, error) diff --git a/service/serving/interface.go b/service/serving/interface.go index 4f60ee2e7..0a38190a9 100755 --- a/service/serving/interface.go +++ b/service/serving/interface.go @@ -95,8 +95,9 @@ type ServingEndpointsService interface { // Set serving endpoint permissions. // - // Sets permissions on a serving endpoint. Serving endpoints can inherit - // permissions from their root object. + // Sets permissions on an object, replacing existing permissions if they + // exist. Deletes all direct permissions if none are specified. Objects can + // inherit permissions from their root object. SetPermissions(ctx context.Context, request ServingEndpointPermissionsRequest) (*ServingEndpointPermissions, error) // Update config of a serving endpoint. diff --git a/service/settings/api.go b/service/settings/api.go index fba10af37..4bdd59b48 100755 --- a/service/settings/api.go +++ b/service/settings/api.go @@ -1778,8 +1778,9 @@ type TokenManagementInterface interface { // Set token permissions. // - // Sets permissions on all tokens. Tokens can inherit permissions from their - // root object. + // Sets permissions on an object, replacing existing permissions if they exist. + // Deletes all direct permissions if none are specified. Objects can inherit + // permissions from their root object. SetPermissions(ctx context.Context, request TokenPermissionsRequest) (*TokenPermissions, error) // Update token permissions. diff --git a/service/settings/interface.go b/service/settings/interface.go index 5799ac700..60484c7b6 100755 --- a/service/settings/interface.go +++ b/service/settings/interface.go @@ -687,8 +687,9 @@ type TokenManagementService interface { // Set token permissions. // - // Sets permissions on all tokens. Tokens can inherit permissions from their - // root object. + // Sets permissions on an object, replacing existing permissions if they + // exist. Deletes all direct permissions if none are specified. Objects can + // inherit permissions from their root object. SetPermissions(ctx context.Context, request TokenPermissionsRequest) (*TokenPermissions, error) // Update token permissions. diff --git a/service/sharing/api.go b/service/sharing/api.go index a3436ebc2..941f6ae3f 100755 --- a/service/sharing/api.go +++ b/service/sharing/api.go @@ -1,6 +1,6 @@ // Code generated from OpenAPI specs by Databricks SDK Generator. DO NOT EDIT. -// These APIs allow you to manage Clean Rooms, Providers, Recipient Activation, Recipients, Shares, etc. +// These APIs allow you to manage Providers, Recipient Activation, Recipients, Shares, etc. package sharing import ( @@ -13,157 +13,6 @@ import ( "github.com/databricks/databricks-sdk-go/useragent" ) -type CleanRoomsInterface interface { - - // Create a clean room. - // - // Creates a new clean room with specified colaborators. The caller must be a - // metastore admin or have the **CREATE_CLEAN_ROOM** privilege on the metastore. - Create(ctx context.Context, request CreateCleanRoom) (*CleanRoomInfo, error) - - // Delete a clean room. - // - // Deletes a data object clean room from the metastore. The caller must be an - // owner of the clean room. - Delete(ctx context.Context, request DeleteCleanRoomRequest) error - - // Delete a clean room. - // - // Deletes a data object clean room from the metastore. The caller must be an - // owner of the clean room. - DeleteByName(ctx context.Context, name string) error - - // Get a clean room. - // - // Gets a data object clean room from the metastore. The caller must be a - // metastore admin or the owner of the clean room. - Get(ctx context.Context, request GetCleanRoomRequest) (*CleanRoomInfo, error) - - // Get a clean room. - // - // Gets a data object clean room from the metastore. The caller must be a - // metastore admin or the owner of the clean room. - GetByName(ctx context.Context, name string) (*CleanRoomInfo, error) - - // List clean rooms. - // - // Gets an array of data object clean rooms from the metastore. The caller must - // be a metastore admin or the owner of the clean room. There is no guarantee of - // a specific ordering of the elements in the array. - // - // This method is generated by Databricks SDK Code Generator. - List(ctx context.Context, request ListCleanRoomsRequest) listing.Iterator[CleanRoomInfo] - - // List clean rooms. - // - // Gets an array of data object clean rooms from the metastore. The caller must - // be a metastore admin or the owner of the clean room. There is no guarantee of - // a specific ordering of the elements in the array. - // - // This method is generated by Databricks SDK Code Generator. - ListAll(ctx context.Context, request ListCleanRoomsRequest) ([]CleanRoomInfo, error) - - // Update a clean room. - // - // Updates the clean room with the changes and data objects in the request. The - // caller must be the owner of the clean room or a metastore admin. - // - // When the caller is a metastore admin, only the __owner__ field can be - // updated. - // - // In the case that the clean room name is changed **updateCleanRoom** requires - // that the caller is both the clean room owner and a metastore admin. - // - // For each table that is added through this method, the clean room owner must - // also have **SELECT** privilege on the table. The privilege must be maintained - // indefinitely for recipients to be able to access the table. Typically, you - // should use a group as the clean room owner. - // - // Table removals through **update** do not require additional privileges. - Update(ctx context.Context, request UpdateCleanRoom) (*CleanRoomInfo, error) -} - -func NewCleanRooms(client *client.DatabricksClient) *CleanRoomsAPI { - return &CleanRoomsAPI{ - cleanRoomsImpl: cleanRoomsImpl{ - client: client, - }, - } -} - -// A clean room is a secure, privacy-protecting environment where two or more -// parties can share sensitive enterprise data, including customer data, for -// measurements, insights, activation and other use cases. -// -// To create clean rooms, you must be a metastore admin or a user with the -// **CREATE_CLEAN_ROOM** privilege. -type CleanRoomsAPI struct { - cleanRoomsImpl -} - -// Delete a clean room. -// -// Deletes a data object clean room from the metastore. The caller must be an -// owner of the clean room. -func (a *CleanRoomsAPI) DeleteByName(ctx context.Context, name string) error { - return a.cleanRoomsImpl.Delete(ctx, DeleteCleanRoomRequest{ - Name: name, - }) -} - -// Get a clean room. -// -// Gets a data object clean room from the metastore. The caller must be a -// metastore admin or the owner of the clean room. -func (a *CleanRoomsAPI) GetByName(ctx context.Context, name string) (*CleanRoomInfo, error) { - return a.cleanRoomsImpl.Get(ctx, GetCleanRoomRequest{ - Name: name, - }) -} - -// List clean rooms. -// -// Gets an array of data object clean rooms from the metastore. The caller must -// be a metastore admin or the owner of the clean room. There is no guarantee of -// a specific ordering of the elements in the array. -// -// This method is generated by Databricks SDK Code Generator. -func (a *CleanRoomsAPI) List(ctx context.Context, request ListCleanRoomsRequest) listing.Iterator[CleanRoomInfo] { - - getNextPage := func(ctx context.Context, req ListCleanRoomsRequest) (*ListCleanRoomsResponse, error) { - ctx = useragent.InContext(ctx, "sdk-feature", "pagination") - return a.cleanRoomsImpl.List(ctx, req) - } - getItems := func(resp *ListCleanRoomsResponse) []CleanRoomInfo { - return resp.CleanRooms - } - getNextReq := func(resp *ListCleanRoomsResponse) *ListCleanRoomsRequest { - if resp.NextPageToken == "" { - return nil - } - request.PageToken = resp.NextPageToken - return &request - } - iterator := listing.NewIterator( - &request, - getNextPage, - getItems, - getNextReq) - return iterator -} - -// List clean rooms. -// -// Gets an array of data object clean rooms from the metastore. The caller must -// be a metastore admin or the owner of the clean room. There is no guarantee of -// a specific ordering of the elements in the array. -// -// This method is generated by Databricks SDK Code Generator. -func (a *CleanRoomsAPI) ListAll(ctx context.Context, request ListCleanRoomsRequest) ([]CleanRoomInfo, error) { - iterator := a.List(ctx, request) - return listing.ToSlice[CleanRoomInfo](ctx, iterator) -} - type ProvidersInterface interface { // Create an auth provider. diff --git a/service/sharing/impl.go b/service/sharing/impl.go index 3aade911d..8eb8b3378 100755 --- a/service/sharing/impl.go +++ b/service/sharing/impl.go @@ -12,58 +12,6 @@ import ( "github.com/databricks/databricks-sdk-go/service/catalog" ) -// unexported type that holds implementations of just CleanRooms API methods -type cleanRoomsImpl struct { - client *client.DatabricksClient -} - -func (a *cleanRoomsImpl) Create(ctx context.Context, request CreateCleanRoom) (*CleanRoomInfo, error) { - var cleanRoomInfo CleanRoomInfo - path := "/api/2.1/unity-catalog/clean-rooms" - headers := make(map[string]string) - headers["Accept"] = "application/json" - headers["Content-Type"] = "application/json" - err := a.client.Do(ctx, http.MethodPost, path, headers, request, &cleanRoomInfo) - return &cleanRoomInfo, err -} - -func (a *cleanRoomsImpl) Delete(ctx context.Context, request DeleteCleanRoomRequest) error { - var deleteResponse DeleteResponse - path := fmt.Sprintf("/api/2.1/unity-catalog/clean-rooms/%v", request.Name) - headers := make(map[string]string) - headers["Accept"] = "application/json" - err := a.client.Do(ctx, http.MethodDelete, path, headers, request, &deleteResponse) - return err -} - -func (a *cleanRoomsImpl) Get(ctx context.Context, request GetCleanRoomRequest) (*CleanRoomInfo, error) { - var cleanRoomInfo CleanRoomInfo - path := fmt.Sprintf("/api/2.1/unity-catalog/clean-rooms/%v", request.Name) - headers := make(map[string]string) - headers["Accept"] = "application/json" - err := a.client.Do(ctx, http.MethodGet, path, headers, request, &cleanRoomInfo) - return &cleanRoomInfo, err -} - -func (a *cleanRoomsImpl) List(ctx context.Context, request ListCleanRoomsRequest) (*ListCleanRoomsResponse, error) { - var listCleanRoomsResponse ListCleanRoomsResponse - path := "/api/2.1/unity-catalog/clean-rooms" - headers := make(map[string]string) - headers["Accept"] = "application/json" - err := a.client.Do(ctx, http.MethodGet, path, headers, request, &listCleanRoomsResponse) - return &listCleanRoomsResponse, err -} - -func (a *cleanRoomsImpl) Update(ctx context.Context, request UpdateCleanRoom) (*CleanRoomInfo, error) { - var cleanRoomInfo CleanRoomInfo - path := fmt.Sprintf("/api/2.1/unity-catalog/clean-rooms/%v", request.Name) - headers := make(map[string]string) - headers["Accept"] = "application/json" - headers["Content-Type"] = "application/json" - err := a.client.Do(ctx, http.MethodPatch, path, headers, request, &cleanRoomInfo) - return &cleanRoomInfo, err -} - // unexported type that holds implementations of just Providers API methods type providersImpl struct { client *client.DatabricksClient diff --git a/service/sharing/interface.go b/service/sharing/interface.go index beb02960b..4f7e44ca9 100755 --- a/service/sharing/interface.go +++ b/service/sharing/interface.go @@ -8,63 +8,6 @@ import ( "github.com/databricks/databricks-sdk-go/service/catalog" ) -// A clean room is a secure, privacy-protecting environment where two or more -// parties can share sensitive enterprise data, including customer data, for -// measurements, insights, activation and other use cases. -// -// To create clean rooms, you must be a metastore admin or a user with the -// **CREATE_CLEAN_ROOM** privilege. -type CleanRoomsService interface { - - // Create a clean room. - // - // Creates a new clean room with specified colaborators. The caller must be - // a metastore admin or have the **CREATE_CLEAN_ROOM** privilege on the - // metastore. - Create(ctx context.Context, request CreateCleanRoom) (*CleanRoomInfo, error) - - // Delete a clean room. - // - // Deletes a data object clean room from the metastore. The caller must be - // an owner of the clean room. - Delete(ctx context.Context, request DeleteCleanRoomRequest) error - - // Get a clean room. - // - // Gets a data object clean room from the metastore. The caller must be a - // metastore admin or the owner of the clean room. - Get(ctx context.Context, request GetCleanRoomRequest) (*CleanRoomInfo, error) - - // List clean rooms. - // - // Gets an array of data object clean rooms from the metastore. The caller - // must be a metastore admin or the owner of the clean room. There is no - // guarantee of a specific ordering of the elements in the array. - // - // Use ListAll() to get all CleanRoomInfo instances, which will iterate over every result page. - List(ctx context.Context, request ListCleanRoomsRequest) (*ListCleanRoomsResponse, error) - - // Update a clean room. - // - // Updates the clean room with the changes and data objects in the request. - // The caller must be the owner of the clean room or a metastore admin. - // - // When the caller is a metastore admin, only the __owner__ field can be - // updated. - // - // In the case that the clean room name is changed **updateCleanRoom** - // requires that the caller is both the clean room owner and a metastore - // admin. - // - // For each table that is added through this method, the clean room owner - // must also have **SELECT** privilege on the table. The privilege must be - // maintained indefinitely for recipients to be able to access the table. - // Typically, you should use a group as the clean room owner. - // - // Table removals through **update** do not require additional privileges. - Update(ctx context.Context, request UpdateCleanRoom) (*CleanRoomInfo, error) -} - // A data provider is an object representing the organization in the real world // who shares the data. A provider contains shares which further contain the // shared data. diff --git a/service/sharing/model.go b/service/sharing/model.go index d9425ba1a..f3caba4e0 100755 --- a/service/sharing/model.go +++ b/service/sharing/model.go @@ -37,324 +37,6 @@ func (f *AuthenticationType) Type() string { return "AuthenticationType" } -type CentralCleanRoomInfo struct { - // All assets from all collaborators that are available in the clean room. - // Only one of table_info or notebook_info will be filled in. - CleanRoomAssets []CleanRoomAssetInfo `json:"clean_room_assets,omitempty"` - // All collaborators who are in the clean room. - Collaborators []CleanRoomCollaboratorInfo `json:"collaborators,omitempty"` - // The collaborator who created the clean room. - Creator *CleanRoomCollaboratorInfo `json:"creator,omitempty"` - // The cloud where clean room tasks will be run. - StationCloud string `json:"station_cloud,omitempty"` - // The region where clean room tasks will be run. - StationRegion string `json:"station_region,omitempty"` - - ForceSendFields []string `json:"-"` -} - -func (s *CentralCleanRoomInfo) UnmarshalJSON(b []byte) error { - return marshal.Unmarshal(b, s) -} - -func (s CentralCleanRoomInfo) MarshalJSON() ([]byte, error) { - return marshal.Marshal(s) -} - -type CleanRoomAssetInfo struct { - // Time at which this asset was added, in epoch milliseconds. - AddedAt int64 `json:"added_at,omitempty"` - // Details about the notebook asset. - NotebookInfo *CleanRoomNotebookInfo `json:"notebook_info,omitempty"` - // The collaborator who owns the asset. - Owner *CleanRoomCollaboratorInfo `json:"owner,omitempty"` - // Details about the table asset. - TableInfo *CleanRoomTableInfo `json:"table_info,omitempty"` - // Time at which this asset was updated, in epoch milliseconds. - UpdatedAt int64 `json:"updated_at,omitempty"` - - ForceSendFields []string `json:"-"` -} - -func (s *CleanRoomAssetInfo) UnmarshalJSON(b []byte) error { - return marshal.Unmarshal(b, s) -} - -func (s CleanRoomAssetInfo) MarshalJSON() ([]byte, error) { - return marshal.Marshal(s) -} - -type CleanRoomCatalog struct { - // Name of the catalog in the clean room station. Empty for notebooks. - CatalogName string `json:"catalog_name,omitempty"` - // The details of the shared notebook files. - NotebookFiles []SharedDataObject `json:"notebook_files,omitempty"` - // The details of the shared tables. - Tables []SharedDataObject `json:"tables,omitempty"` - - ForceSendFields []string `json:"-"` -} - -func (s *CleanRoomCatalog) UnmarshalJSON(b []byte) error { - return marshal.Unmarshal(b, s) -} - -func (s CleanRoomCatalog) MarshalJSON() ([]byte, error) { - return marshal.Marshal(s) -} - -type CleanRoomCatalogUpdate struct { - // The name of the catalog to update assets. - CatalogName string `json:"catalog_name,omitempty"` - // The updates to the assets in the catalog. - Updates *SharedDataObjectUpdate `json:"updates,omitempty"` - - ForceSendFields []string `json:"-"` -} - -func (s *CleanRoomCatalogUpdate) UnmarshalJSON(b []byte) error { - return marshal.Unmarshal(b, s) -} - -func (s CleanRoomCatalogUpdate) MarshalJSON() ([]byte, error) { - return marshal.Marshal(s) -} - -type CleanRoomCollaboratorInfo struct { - // The global Unity Catalog metastore id of the collaborator. Also known as - // the sharing identifier. The identifier is of format - // __cloud__:__region__:__metastore-uuid__. - GlobalMetastoreId string `json:"global_metastore_id,omitempty"` - // The organization name of the collaborator. This is configured in the - // metastore for Delta Sharing and is used to identify the organization to - // other collaborators. - OrganizationName string `json:"organization_name,omitempty"` - - ForceSendFields []string `json:"-"` -} - -func (s *CleanRoomCollaboratorInfo) UnmarshalJSON(b []byte) error { - return marshal.Unmarshal(b, s) -} - -func (s CleanRoomCollaboratorInfo) MarshalJSON() ([]byte, error) { - return marshal.Marshal(s) -} - -type CleanRoomInfo struct { - // User-provided free-form text description. - Comment string `json:"comment,omitempty"` - // Time at which this clean room was created, in epoch milliseconds. - CreatedAt int64 `json:"created_at,omitempty"` - // Username of clean room creator. - CreatedBy string `json:"created_by,omitempty"` - // Catalog aliases shared by the current collaborator with asset details. - LocalCatalogs []CleanRoomCatalog `json:"local_catalogs,omitempty"` - // Name of the clean room. - Name string `json:"name,omitempty"` - // Username of current owner of clean room. - Owner string `json:"owner,omitempty"` - // Central clean room details. - RemoteDetailedInfo *CentralCleanRoomInfo `json:"remote_detailed_info,omitempty"` - // Time at which this clean room was updated, in epoch milliseconds. - UpdatedAt int64 `json:"updated_at,omitempty"` - // Username of clean room updater. - UpdatedBy string `json:"updated_by,omitempty"` - - ForceSendFields []string `json:"-"` -} - -func (s *CleanRoomInfo) UnmarshalJSON(b []byte) error { - return marshal.Unmarshal(b, s) -} - -func (s CleanRoomInfo) MarshalJSON() ([]byte, error) { - return marshal.Marshal(s) -} - -type CleanRoomNotebookInfo struct { - // The base64 representation of the notebook content in HTML. - NotebookContent string `json:"notebook_content,omitempty"` - // The name of the notebook. - NotebookName string `json:"notebook_name,omitempty"` - - ForceSendFields []string `json:"-"` -} - -func (s *CleanRoomNotebookInfo) UnmarshalJSON(b []byte) error { - return marshal.Unmarshal(b, s) -} - -func (s CleanRoomNotebookInfo) MarshalJSON() ([]byte, error) { - return marshal.Marshal(s) -} - -type CleanRoomTableInfo struct { - // Name of parent catalog. - CatalogName string `json:"catalog_name,omitempty"` - // The array of __ColumnInfo__ definitions of the table's columns. - Columns []ColumnInfo `json:"columns,omitempty"` - // Full name of table, in form of - // __catalog_name__.__schema_name__.__table_name__ - FullName string `json:"full_name,omitempty"` - // Name of table, relative to parent schema. - Name string `json:"name,omitempty"` - // Name of parent schema relative to its parent catalog. - SchemaName string `json:"schema_name,omitempty"` - - ForceSendFields []string `json:"-"` -} - -func (s *CleanRoomTableInfo) UnmarshalJSON(b []byte) error { - return marshal.Unmarshal(b, s) -} - -func (s CleanRoomTableInfo) MarshalJSON() ([]byte, error) { - return marshal.Marshal(s) -} - -type ColumnInfo struct { - // User-provided free-form text description. - Comment string `json:"comment,omitempty"` - - Mask *ColumnMask `json:"mask,omitempty"` - // Name of Column. - Name string `json:"name,omitempty"` - // Whether field may be Null (default: true). - Nullable bool `json:"nullable,omitempty"` - // Partition index for column. - PartitionIndex int `json:"partition_index,omitempty"` - // Ordinal position of column (starting at position 0). - Position int `json:"position,omitempty"` - // Format of IntervalType. - TypeIntervalType string `json:"type_interval_type,omitempty"` - // Full data type specification, JSON-serialized. - TypeJson string `json:"type_json,omitempty"` - // Name of type (INT, STRUCT, MAP, etc.). - TypeName ColumnTypeName `json:"type_name,omitempty"` - // Digits of precision; required for DecimalTypes. - TypePrecision int `json:"type_precision,omitempty"` - // Digits to right of decimal; Required for DecimalTypes. - TypeScale int `json:"type_scale,omitempty"` - // Full data type specification as SQL/catalogString text. - TypeText string `json:"type_text,omitempty"` - - ForceSendFields []string `json:"-"` -} - -func (s *ColumnInfo) UnmarshalJSON(b []byte) error { - return marshal.Unmarshal(b, s) -} - -func (s ColumnInfo) MarshalJSON() ([]byte, error) { - return marshal.Marshal(s) -} - -type ColumnMask struct { - // The full name of the column mask SQL UDF. - FunctionName string `json:"function_name,omitempty"` - // The list of additional table columns to be passed as input to the column - // mask function. The first arg of the mask function should be of the type - // of the column being masked and the types of the rest of the args should - // match the types of columns in 'using_column_names'. - UsingColumnNames []string `json:"using_column_names,omitempty"` - - ForceSendFields []string `json:"-"` -} - -func (s *ColumnMask) UnmarshalJSON(b []byte) error { - return marshal.Unmarshal(b, s) -} - -func (s ColumnMask) MarshalJSON() ([]byte, error) { - return marshal.Marshal(s) -} - -// Name of type (INT, STRUCT, MAP, etc.). -type ColumnTypeName string - -const ColumnTypeNameArray ColumnTypeName = `ARRAY` - -const ColumnTypeNameBinary ColumnTypeName = `BINARY` - -const ColumnTypeNameBoolean ColumnTypeName = `BOOLEAN` - -const ColumnTypeNameByte ColumnTypeName = `BYTE` - -const ColumnTypeNameChar ColumnTypeName = `CHAR` - -const ColumnTypeNameDate ColumnTypeName = `DATE` - -const ColumnTypeNameDecimal ColumnTypeName = `DECIMAL` - -const ColumnTypeNameDouble ColumnTypeName = `DOUBLE` - -const ColumnTypeNameFloat ColumnTypeName = `FLOAT` - -const ColumnTypeNameInt ColumnTypeName = `INT` - -const ColumnTypeNameInterval ColumnTypeName = `INTERVAL` - -const ColumnTypeNameLong ColumnTypeName = `LONG` - -const ColumnTypeNameMap ColumnTypeName = `MAP` - -const ColumnTypeNameNull ColumnTypeName = `NULL` - -const ColumnTypeNameShort ColumnTypeName = `SHORT` - -const ColumnTypeNameString ColumnTypeName = `STRING` - -const ColumnTypeNameStruct ColumnTypeName = `STRUCT` - -const ColumnTypeNameTableType ColumnTypeName = `TABLE_TYPE` - -const ColumnTypeNameTimestamp ColumnTypeName = `TIMESTAMP` - -const ColumnTypeNameTimestampNtz ColumnTypeName = `TIMESTAMP_NTZ` - -const ColumnTypeNameUserDefinedType ColumnTypeName = `USER_DEFINED_TYPE` - -// String representation for [fmt.Print] -func (f *ColumnTypeName) String() string { - return string(*f) -} - -// Set raw string value and validate it against allowed values -func (f *ColumnTypeName) Set(v string) error { - switch v { - case `ARRAY`, `BINARY`, `BOOLEAN`, `BYTE`, `CHAR`, `DATE`, `DECIMAL`, `DOUBLE`, `FLOAT`, `INT`, `INTERVAL`, `LONG`, `MAP`, `NULL`, `SHORT`, `STRING`, `STRUCT`, `TABLE_TYPE`, `TIMESTAMP`, `TIMESTAMP_NTZ`, `USER_DEFINED_TYPE`: - *f = ColumnTypeName(v) - return nil - default: - return fmt.Errorf(`value "%s" is not one of "ARRAY", "BINARY", "BOOLEAN", "BYTE", "CHAR", "DATE", "DECIMAL", "DOUBLE", "FLOAT", "INT", "INTERVAL", "LONG", "MAP", "NULL", "SHORT", "STRING", "STRUCT", "TABLE_TYPE", "TIMESTAMP", "TIMESTAMP_NTZ", "USER_DEFINED_TYPE"`, v) - } -} - -// Type always returns ColumnTypeName to satisfy [pflag.Value] interface -func (f *ColumnTypeName) Type() string { - return "ColumnTypeName" -} - -type CreateCleanRoom struct { - // User-provided free-form text description. - Comment string `json:"comment,omitempty"` - // Name of the clean room. - Name string `json:"name"` - // Central clean room details. - RemoteDetailedInfo CentralCleanRoomInfo `json:"remote_detailed_info"` - - ForceSendFields []string `json:"-"` -} - -func (s *CreateCleanRoom) UnmarshalJSON(b []byte) error { - return marshal.Unmarshal(b, s) -} - -func (s CreateCleanRoom) MarshalJSON() ([]byte, error) { - return marshal.Marshal(s) -} - type CreateProvider struct { // The delta sharing authentication type. AuthenticationType AuthenticationType `json:"authentication_type"` @@ -431,12 +113,6 @@ func (s CreateShare) MarshalJSON() ([]byte, error) { return marshal.Marshal(s) } -// Delete a clean room -type DeleteCleanRoomRequest struct { - // The name of the clean room. - Name string `json:"-" url:"-"` -} - // Delete a provider type DeleteProviderRequest struct { // Name of the provider. @@ -467,24 +143,6 @@ type GetActivationUrlInfoRequest struct { type GetActivationUrlInfoResponse struct { } -// Get a clean room -type GetCleanRoomRequest struct { - // Whether to include remote details (central) on the clean room. - IncludeRemoteDetails bool `json:"-" url:"include_remote_details,omitempty"` - // The name of the clean room. - Name string `json:"-" url:"-"` - - ForceSendFields []string `json:"-"` -} - -func (s *GetCleanRoomRequest) UnmarshalJSON(b []byte) error { - return marshal.Unmarshal(b, s) -} - -func (s GetCleanRoomRequest) MarshalJSON() ([]byte, error) { - return marshal.Marshal(s) -} - // Get a provider type GetProviderRequest struct { // Name of the provider. @@ -539,48 +197,6 @@ type IpAccessList struct { AllowedIpAddresses []string `json:"allowed_ip_addresses,omitempty"` } -// List clean rooms -type ListCleanRoomsRequest struct { - // Maximum number of clean rooms to return. If not set, all the clean rooms - // are returned (not recommended). - when set to a value greater than 0, the - // page length is the minimum of this value and a server configured value; - - // when set to 0, the page length is set to a server configured value - // (recommended); - when set to a value less than 0, an invalid parameter - // error is returned; - MaxResults int `json:"-" url:"max_results,omitempty"` - // Opaque pagination token to go to next page based on previous query. - PageToken string `json:"-" url:"page_token,omitempty"` - - ForceSendFields []string `json:"-"` -} - -func (s *ListCleanRoomsRequest) UnmarshalJSON(b []byte) error { - return marshal.Unmarshal(b, s) -} - -func (s ListCleanRoomsRequest) MarshalJSON() ([]byte, error) { - return marshal.Marshal(s) -} - -type ListCleanRoomsResponse struct { - // An array of clean rooms. Remote details (central) are not included. - CleanRooms []CleanRoomInfo `json:"clean_rooms,omitempty"` - // Opaque token to retrieve the next page of results. Absent if there are no - // more pages. __page_token__ should be set to this value for the next - // request (for the next page of results). - NextPageToken string `json:"next_page_token,omitempty"` - - ForceSendFields []string `json:"-"` -} - -func (s *ListCleanRoomsResponse) UnmarshalJSON(b []byte) error { - return marshal.Unmarshal(b, s) -} - -func (s ListCleanRoomsResponse) MarshalJSON() ([]byte, error) { - return marshal.Marshal(s) -} - type ListProviderSharesResponse struct { // Opaque token to retrieve the next page of results. Absent if there are no // more pages. __page_token__ should be set to this value for the next @@ -1414,27 +1030,6 @@ func (f *SharedDataObjectUpdateAction) Type() string { return "SharedDataObjectUpdateAction" } -type UpdateCleanRoom struct { - // Array of shared data object updates. - CatalogUpdates []CleanRoomCatalogUpdate `json:"catalog_updates,omitempty"` - // User-provided free-form text description. - Comment string `json:"comment,omitempty"` - // The name of the clean room. - Name string `json:"-" url:"-"` - // Username of current owner of clean room. - Owner string `json:"owner,omitempty"` - - ForceSendFields []string `json:"-"` -} - -func (s *UpdateCleanRoom) UnmarshalJSON(b []byte) error { - return marshal.Unmarshal(b, s) -} - -func (s UpdateCleanRoom) MarshalJSON() ([]byte, error) { - return marshal.Marshal(s) -} - type UpdatePermissionsResponse struct { } diff --git a/service/sql/api.go b/service/sql/api.go index 49c4846c7..784b33de4 100755 --- a/service/sql/api.go +++ b/service/sql/api.go @@ -1959,8 +1959,9 @@ type WarehousesInterface interface { // Set SQL warehouse permissions. // - // Sets permissions on a SQL warehouse. SQL warehouses can inherit permissions - // from their root object. + // Sets permissions on an object, replacing existing permissions if they exist. + // Deletes all direct permissions if none are specified. Objects can inherit + // permissions from their root object. SetPermissions(ctx context.Context, request WarehousePermissionsRequest) (*WarehousePermissions, error) // Set the workspace configuration. diff --git a/service/sql/interface.go b/service/sql/interface.go index 985b2b724..7e1d2838f 100755 --- a/service/sql/interface.go +++ b/service/sql/interface.go @@ -674,8 +674,9 @@ type WarehousesService interface { // Set SQL warehouse permissions. // - // Sets permissions on a SQL warehouse. SQL warehouses can inherit - // permissions from their root object. + // Sets permissions on an object, replacing existing permissions if they + // exist. Deletes all direct permissions if none are specified. Objects can + // inherit permissions from their root object. SetPermissions(ctx context.Context, request WarehousePermissionsRequest) (*WarehousePermissions, error) // Set the workspace configuration. diff --git a/service/workspace/api.go b/service/workspace/api.go index c818f2711..59eac85ec 100755 --- a/service/workspace/api.go +++ b/service/workspace/api.go @@ -294,8 +294,9 @@ type ReposInterface interface { // Set repo permissions. // - // Sets permissions on a repo. Repos can inherit permissions from their root - // object. + // Sets permissions on an object, replacing existing permissions if they exist. + // Deletes all direct permissions if none are specified. Objects can inherit + // permissions from their root object. SetPermissions(ctx context.Context, request RepoPermissionsRequest) (*RepoPermissions, error) // Update a repo. @@ -1010,7 +1011,8 @@ type WorkspaceInterface interface { // Set workspace object permissions. // - // Sets permissions on a workspace object. Workspace objects can inherit + // Sets permissions on an object, replacing existing permissions if they exist. + // Deletes all direct permissions if none are specified. Objects can inherit // permissions from their parent objects or root object. SetPermissions(ctx context.Context, request WorkspaceObjectPermissionsRequest) (*WorkspaceObjectPermissions, error) diff --git a/service/workspace/interface.go b/service/workspace/interface.go index 43ddfc389..022dc43fa 100755 --- a/service/workspace/interface.go +++ b/service/workspace/interface.go @@ -96,8 +96,9 @@ type ReposService interface { // Set repo permissions. // - // Sets permissions on a repo. Repos can inherit permissions from their root - // object. + // Sets permissions on an object, replacing existing permissions if they + // exist. Deletes all direct permissions if none are specified. Objects can + // inherit permissions from their root object. SetPermissions(ctx context.Context, request RepoPermissionsRequest) (*RepoPermissions, error) // Update a repo. @@ -359,8 +360,9 @@ type WorkspaceService interface { // Set workspace object permissions. // - // Sets permissions on a workspace object. Workspace objects can inherit - // permissions from their parent objects or root object. + // Sets permissions on an object, replacing existing permissions if they + // exist. Deletes all direct permissions if none are specified. Objects can + // inherit permissions from their parent objects or root object. SetPermissions(ctx context.Context, request WorkspaceObjectPermissionsRequest) (*WorkspaceObjectPermissions, error) // Update workspace object permissions. diff --git a/service/workspace/model.go b/service/workspace/model.go index 840903517..48b104422 100755 --- a/service/workspace/model.go +++ b/service/workspace/model.go @@ -555,6 +555,8 @@ const ImportFormatHtml ImportFormat = `HTML` // The notebook is imported as a Jupyter/IPython Notebook file. const ImportFormatJupyter ImportFormat = `JUPYTER` +const ImportFormatRaw ImportFormat = `RAW` + // The notebook is imported from R Markdown format. const ImportFormatRMarkdown ImportFormat = `R_MARKDOWN` @@ -569,11 +571,11 @@ func (f *ImportFormat) String() string { // Set raw string value and validate it against allowed values func (f *ImportFormat) Set(v string) error { switch v { - case `AUTO`, `DBC`, `HTML`, `JUPYTER`, `R_MARKDOWN`, `SOURCE`: + case `AUTO`, `DBC`, `HTML`, `JUPYTER`, `RAW`, `R_MARKDOWN`, `SOURCE`: *f = ImportFormat(v) return nil default: - return fmt.Errorf(`value "%s" is not one of "AUTO", "DBC", "HTML", "JUPYTER", "R_MARKDOWN", "SOURCE"`, v) + return fmt.Errorf(`value "%s" is not one of "AUTO", "DBC", "HTML", "JUPYTER", "RAW", "R_MARKDOWN", "SOURCE"`, v) } } diff --git a/version/version.go b/version/version.go index 244a301de..be8b9edcc 100644 --- a/version/version.go +++ b/version/version.go @@ -1,4 +1,4 @@ package version // Version of the SDK, updated manually before every tag -const Version = "0.50.0" +const Version = "0.51.0" diff --git a/workspace_client.go b/workspace_client.go index 8aaa87f79..eac0d3a9a 100755 --- a/workspace_client.go +++ b/workspace_client.go @@ -78,14 +78,6 @@ type WorkspaceClient struct { // depending on privileges granted centrally in Unity Catalog. Catalogs catalog.CatalogsInterface - // A clean room is a secure, privacy-protecting environment where two or - // more parties can share sensitive enterprise data, including customer - // data, for measurements, insights, activation and other use cases. - // - // To create clean rooms, you must be a metastore admin or a user with the - // **CREATE_CLEAN_ROOM** privilege. - CleanRooms sharing.CleanRoomsInterface - // You can use cluster policies to control users' ability to configure // clusters based on a set of rules. These rules specify which attributes or // attribute values can be used during cluster creation. Cluster policies @@ -176,6 +168,17 @@ type WorkspaceClient struct { // Providers are the entities that publish listings to the Marketplace. ConsumerProviders marketplace.ConsumerProvidersInterface + // A credential represents an authentication and authorization mechanism for + // accessing services on your cloud tenant. Each credential is subject to + // Unity Catalog access-control policies that control which users and groups + // can access the credential. + // + // To create credentials, you must be a Databricks account admin or have the + // `CREATE SERVICE CREDENTIAL privilege. The user who creates the credential + // can delegate ownership to another user or group to manage permissions on + // it + Credentials catalog.CredentialsInterface + // Credentials manager interacts with with Identity Providers to to perform // token exchanges using stored credentials and refresh tokens. CredentialsManager settings.CredentialsManagerInterface @@ -1139,7 +1142,6 @@ func NewWorkspaceClient(c ...*Config) (*WorkspaceClient, error) { Apps: apps.NewApps(databricksClient), ArtifactAllowlists: catalog.NewArtifactAllowlists(databricksClient), Catalogs: catalog.NewCatalogs(databricksClient), - CleanRooms: sharing.NewCleanRooms(databricksClient), ClusterPolicies: compute.NewClusterPolicies(databricksClient), Clusters: compute.NewClusters(databricksClient), CommandExecution: compute.NewCommandExecution(databricksClient), @@ -1149,6 +1151,7 @@ func NewWorkspaceClient(c ...*Config) (*WorkspaceClient, error) { ConsumerListings: marketplace.NewConsumerListings(databricksClient), ConsumerPersonalizationRequests: marketplace.NewConsumerPersonalizationRequests(databricksClient), ConsumerProviders: marketplace.NewConsumerProviders(databricksClient), + Credentials: catalog.NewCredentials(databricksClient), CredentialsManager: settings.NewCredentialsManager(databricksClient), CurrentUser: iam.NewCurrentUser(databricksClient), DashboardWidgets: sql.NewDashboardWidgets(databricksClient),