Skip to content

Commit

Permalink
sql: add new system.privileges table
Browse files Browse the repository at this point in the history 
First step in upcoming privileges work.
Explained in RFC: cockroachdb#80580

Release note: None
  • Loading branch information
@RichardJCai
RichardJCai committed Jun 23, 2022
1 parent 9e47dc9 commit b17caa8
Show file tree
Hide file tree
Showing 47 changed files with 478 additions and 158 deletions.
2 changes: 1 addition & 1 deletion docs/generated/settings/settings-for-tenants.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -281,4 +281,4 @@ trace.jaeger.agent string the address of a Jaeger agent to receive traces using
trace.opentelemetry.collector string address of an OpenTelemetry trace collector to receive traces using the otel gRPC protocol, as <host>:<port>. If no port is specified, 4317 will be used.
trace.span_registry.enabled boolean true if set, ongoing traces can be seen at https://<ui>/#/debug/tracez
trace.zipkin.collector string the address of a Zipkin instance to receive traces, as <host>:<port>. If no port is specified, 9411 will be used.
version version 22.1-20 set the active cluster version in the format '<major>.<minor>'
version version 22.1-22 set the active cluster version in the format '<major>.<minor>'
2 changes: 1 addition & 1 deletion docs/generated/settings/settings.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -212,6 +212,6 @@
<tr><td><code>trace.opentelemetry.collector</code></td><td>string</td><td><code></code></td><td>address of an OpenTelemetry trace collector to receive traces using the otel gRPC protocol, as <host>:<port>. If no port is specified, 4317 will be used.</td></tr>
<tr><td><code>trace.span_registry.enabled</code></td><td>boolean</td><td><code>true</code></td><td>if set, ongoing traces can be seen at https://<ui>/#/debug/tracez</td></tr>
<tr><td><code>trace.zipkin.collector</code></td><td>string</td><td><code></code></td><td>the address of a Zipkin instance to receive traces, as <host>:<port>. If no port is specified, 9411 will be used.</td></tr>
<tr><td><code>version</code></td><td>version</td><td><code>22.1-20</code></td><td>set the active cluster version in the format '<major>.<minor>'</td></tr>
<tr><td><code>version</code></td><td>version</td><td><code>22.1-22</code></td><td>set the active cluster version in the format '<major>.<minor>'</td></tr>
</tbody>
</table>
3 changes: 3 additions & 0 deletions pkg/ccl/backupccl/system_schema.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -402,6 +402,9 @@ var systemTableBackupConfiguration = map[string]systemBackupConfiguration{
systemschema.SpanCountTable.GetName(): {
shouldIncludeInClusterBackup: optOutOfClusterBackup,
},
systemschema.SystemPrivilegeTable.GetName(): {
shouldIncludeInClusterBackup: optOutOfClusterBackup,
},
}

// GetSystemTablesToIncludeInClusterBackup returns a set of system table names that
Expand Down
4 changes: 4 additions & 0 deletions pkg/ccl/spanconfigccl/spanconfigreconcilerccl/testdata/basic
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,7 @@ upsert /Table/4{5-6} ttl_seconds=7200 ignore_strict_gc=tru
upsert /Table/4{6-7} database system (host)
upsert /Table/4{7-8} database system (host)
upsert /Table/5{0-1} database system (host)
upsert /Table/5{1-2} database system (host)

exec-sql
CREATE DATABASE db;
Expand Down Expand Up @@ -92,6 +93,7 @@ state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Table/10{6-7} num_replicas=7 num_voters=5
/Table/10{7-8} num_replicas=7
/Table/11{2-3} num_replicas=7
Expand Down Expand Up @@ -183,6 +185,8 @@ delete /Table/4{7-8}
upsert /Table/4{7-8} ttl_seconds=100 ignore_strict_gc=true num_replicas=5 rangefeed_enabled=true
delete /Table/5{0-1}
upsert /Table/5{0-1} ttl_seconds=100 ignore_strict_gc=true num_replicas=5 rangefeed_enabled=true
delete /Table/5{1-2}
upsert /Table/5{1-2} ttl_seconds=100 ignore_strict_gc=true num_replicas=5 rangefeed_enabled=true

state offset=5 limit=42
----
Expand Down
5 changes: 5 additions & 0 deletions pkg/ccl/spanconfigccl/spanconfigreconcilerccl/testdata/indexes
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Table/10{6-7} range default

exec-sql
Expand All @@ -44,6 +45,7 @@ state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Table/106{-/2} num_replicas=7
/Table/106/{2-3} num_replicas=7 num_voters=5
/Table/10{6/3-7} num_replicas=7
Expand All @@ -68,6 +70,7 @@ state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Table/106{-/2} ttl_seconds=3600 num_replicas=7
/Table/106/{2-3} ttl_seconds=25 num_replicas=7 num_voters=5
/Table/10{6/3-7} ttl_seconds=3600 num_replicas=7
Expand All @@ -82,6 +85,7 @@ state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Table/106{-/2} ttl_seconds=3600 num_replicas=9
/Table/106/{2-3} ttl_seconds=25 num_replicas=9 num_voters=5
/Table/10{6/3-7} ttl_seconds=3600 num_replicas=9
Expand Down Expand Up @@ -110,3 +114,4 @@ state offset=46
...
/Table/4{7-8} database system (host)
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
6 changes: 6 additions & 0 deletions pkg/ccl/spanconfigccl/spanconfigreconcilerccl/testdata/multitenant/basic
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Tenant/10{-"\x00"} database system (tenant)
/Tenant/11{-"\x00"} database system (tenant)

Expand Down Expand Up @@ -68,11 +69,13 @@ upsert /Tenant/10/Table/4{3-4} database system (tenant)
upsert /Tenant/10/Table/4{4-5} database system (tenant)
upsert /Tenant/10/Table/4{6-7} database system (tenant)
upsert /Tenant/10/Table/5{0-1} database system (tenant)
upsert /Tenant/10/Table/5{1-2} database system (tenant)

state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Tenant/10{-/Table/4} database system (tenant)
/Tenant/10/Table/{4-5} database system (tenant)
/Tenant/10/Table/{5-6} database system (tenant)
Expand Down Expand Up @@ -108,6 +111,7 @@ state offset=47
/Tenant/10/Table/4{4-5} database system (tenant)
/Tenant/10/Table/4{6-7} database system (tenant)
/Tenant/10/Table/5{0-1} database system (tenant)
/Tenant/10/Table/5{1-2} database system (tenant)
/Tenant/11{-"\x00"} database system (tenant)

exec-sql tenant=10
Expand All @@ -131,8 +135,10 @@ upsert /Tenant/10/Table/11{3-4} range default
state offset=81
----
...
/Tenant/10/Table/4{4-5} database system (tenant)
/Tenant/10/Table/4{6-7} database system (tenant)
/Tenant/10/Table/5{0-1} database system (tenant)
/Tenant/10/Table/5{1-2} database system (tenant)
/Tenant/10/Table/10{6-7} range default
/Tenant/10/Table/10{7-8} range default
/Tenant/10/Table/11{2-3} range default
Expand Down
2 changes: 2 additions & 0 deletions pkg/ccl/spanconfigccl/spanconfigreconcilerccl/testdata/multitenant/protectedts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Tenant/10{-"\x00"} database system (tenant)

# Write a protected timestamp record on the system tenant cluster.
Expand Down Expand Up @@ -84,6 +85,7 @@ upsert /Tenant/10/Table/4{3-4} database system (tenant)
upsert /Tenant/10/Table/4{4-5} database system (tenant)
upsert /Tenant/10/Table/4{6-7} database system (tenant)
upsert /Tenant/10/Table/5{0-1} database system (tenant)
upsert /Tenant/10/Table/5{1-2} database system (tenant)

exec-sql tenant=10
CREATE DATABASE db;
Expand Down
2 changes: 2 additions & 0 deletions pkg/ccl/spanconfigccl/spanconfigreconcilerccl/testdata/named_zones
View file
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,7 @@ state offset=46
...
/Table/4{7-8} database system (host)
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Table/10{6-7} ttl_seconds=50

# Make sure future descendants observe the same.
Expand All @@ -141,6 +142,7 @@ state offset=46
...
/Table/4{7-8} database system (host)
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Table/10{6-7} ttl_seconds=50
/Table/10{7-8} ttl_seconds=50

Expand Down
8 changes: 8 additions & 0 deletions pkg/ccl/spanconfigccl/spanconfigreconcilerccl/testdata/partitions
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)

exec-sql
CREATE DATABASE db;
Expand All @@ -34,6 +35,7 @@ state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Table/10{6-7} range default

# All parent schema zone config changes cascade to the entire table's span.
Expand All @@ -51,6 +53,7 @@ state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Table/10{6-7} num_replicas=7 num_voters=5

# Apply a zone configuration on one of the partitions, `one_two`, which
Expand All @@ -73,6 +76,7 @@ state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Table/106{-/1/1} num_replicas=7 num_voters=5
/Table/106/1/{1-2} global_reads=true num_replicas=7 num_voters=5
/Table/106/1/{2-3} global_reads=true num_replicas=7 num_voters=5
Expand All @@ -95,6 +99,7 @@ state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Table/106{-/1/1} num_replicas=7 num_voters=5
/Table/106/1/{1-2} global_reads=true num_replicas=7 num_voters=5
/Table/106/1/{2-3} global_reads=true num_replicas=7 num_voters=5
Expand Down Expand Up @@ -131,6 +136,7 @@ state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Table/106{-/1} num_replicas=7 num_voters=5
/Table/106/1{-/1} num_replicas=7 num_voters=6
/Table/106/1/{1-2} global_reads=true num_replicas=7 num_voters=5
Expand Down Expand Up @@ -165,6 +171,7 @@ state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Table/106{-/1} num_replicas=7
/Table/106/1{-/1} num_replicas=7 num_voters=6
/Table/106/1/{1-2} global_reads=true num_replicas=7
Expand Down Expand Up @@ -193,3 +200,4 @@ state offset=47
----
...
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
1 change: 1 addition & 0 deletions pkg/ccl/spanconfigccl/spanconfigreconcilerccl/testdata/protectedts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,7 @@ state limit=3
state offset=51
----
...
/Table/5{1-2} database system (host)
/Table/10{6-7} protection_policies=[{ts: 3} {ts: 4}]
/Table/10{7-8} protection_policies=[{ts: 3} {ts: 4}]

Expand Down
1 change: 1 addition & 0 deletions pkg/ccl/spanconfigccl/spanconfigsqltranslatorccl/testdata/full_translate
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,7 @@ full-translate
/Table/4{6-7} database system (host)
/Table/4{7-8} database system (host)
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
/Table/11{0-1} range default
/Table/11{1-2} range default
/Table/11{2-3} range default
1 change: 1 addition & 0 deletions pkg/ccl/spanconfigccl/spanconfigsqltranslatorccl/testdata/full_translate_named_zones_deleted
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,3 +84,4 @@ full-translate
/Table/4{6-7} database system (host)
/Table/4{7-8} database system (host)
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)
3 changes: 3 additions & 0 deletions pkg/ccl/spanconfigccl/spanconfigsqltranslatorccl/testdata/system_database
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,7 @@ translate database=system
/Table/4{6-7} database system (host)
/Table/4{7-8} database system (host)
/Table/5{0-1} database system (host)
/Table/5{1-2} database system (host)

# Alter zone config fields on the database to ensure the effects cascade.
exec-sql
Expand Down Expand Up @@ -98,6 +99,7 @@ translate database=system
/Table/4{6-7} ignore_strict_gc=true num_replicas=7 rangefeed_enabled=true
/Table/4{7-8} ignore_strict_gc=true num_replicas=7 rangefeed_enabled=true
/Table/5{0-1} ignore_strict_gc=true num_replicas=7 rangefeed_enabled=true
/Table/5{1-2} ignore_strict_gc=true num_replicas=7 rangefeed_enabled=true

# Alter a named range that maps to a pseudo table ID, ensuring that its effects
# are independent.
Expand Down Expand Up @@ -155,3 +157,4 @@ full-translate
/Table/4{6-7} ignore_strict_gc=true num_replicas=7 rangefeed_enabled=true
/Table/4{7-8} ignore_strict_gc=true num_replicas=7 rangefeed_enabled=true
/Table/5{0-1} ignore_strict_gc=true num_replicas=7 rangefeed_enabled=true
/Table/5{1-2} ignore_strict_gc=true num_replicas=7 rangefeed_enabled=true
2 changes: 2 additions & 0 deletions pkg/ccl/spanconfigccl/spanconfigsqltranslatorccl/testdata/tenant/full_translate
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@ full-translate
/Tenant/10/Table/4{4-5} database system (tenant)
/Tenant/10/Table/4{6-7} database system (tenant)
/Tenant/10/Table/5{0-1} database system (tenant)
/Tenant/10/Table/5{1-2} database system (tenant)
/Tenant/10/Table/11{0-1} range default
/Tenant/10/Table/11{1-2} range default
/Tenant/10/Table/11{2-3} range default
Expand Down Expand Up @@ -94,6 +95,7 @@ translate named-zone=default
/Tenant/10/Table/4{4-5} database system (tenant)
/Tenant/10/Table/4{6-7} database system (tenant)
/Tenant/10/Table/5{0-1} database system (tenant)
/Tenant/10/Table/5{1-2} database system (tenant)
/Tenant/10/Table/11{0-1} range default
/Tenant/10/Table/11{1-2} range default
/Tenant/10/Table/11{2-3} range default
2 changes: 1 addition & 1 deletion pkg/cli/testdata/doctor/test_examine_cluster
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
debug doctor examine cluster
----
debug doctor examine cluster
Examining 44 descriptors and 43 namespace entries...
Examining 45 descriptors and 44 namespace entries...
ParentID 100, ParentSchemaID 101: relation "foo" (105): expected matching namespace entry, found none
Examining 4 jobs...
ERROR: validation failed
9 changes: 6 additions & 3 deletions pkg/cli/testdata/zip/partial1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ debug zip --concurrency=1 --cpu-profile-duration=0s /dev/null
[cluster] requesting data for debug/settings... received response... converting to JSON... writing binary output: debug/settings.json... done
[cluster] requesting data for debug/reports/problemranges... received response... converting to JSON... writing binary output: debug/reports/problemranges.json... done
[cluster] retrieving list of system tables... done
[cluster] 37 system tables found
[cluster] 38 system tables found
[cluster] retrieving SQL data for crdb_internal.cluster_contention_events... writing output: debug/crdb_internal.cluster_contention_events.txt... done
[cluster] retrieving SQL data for crdb_internal.cluster_distsql_flows... writing output: debug/crdb_internal.cluster_distsql_flows.txt... done
[cluster] retrieving SQL data for crdb_internal.cluster_database_privileges... writing output: debug/crdb_internal.cluster_database_privileges.txt... done
Expand Down Expand Up @@ -44,6 +44,7 @@ debug zip --concurrency=1 --cpu-profile-duration=0s /dev/null
[cluster] retrieving SQL data for system.locations... writing output: debug/system.locations.txt... done
[cluster] retrieving SQL data for system.migrations... writing output: debug/system.migrations.txt... done
[cluster] retrieving SQL data for system.namespace... writing output: debug/system.namespace.txt... done
[cluster] retrieving SQL data for system.privileges... writing output: debug/system.privileges.txt... done
[cluster] retrieving SQL data for system.protected_ts_meta... writing output: debug/system.protected_ts_meta.txt... done
[cluster] retrieving SQL data for system.protected_ts_records... writing output: debug/system.protected_ts_records.txt... done
[cluster] retrieving SQL data for system.rangelog... writing output: debug/system.rangelog.txt... done
Expand Down Expand Up @@ -107,7 +108,7 @@ debug zip --concurrency=1 --cpu-profile-duration=0s /dev/null
[node 1] 1 log file ...
[node 1] [log file ...
[node 1] requesting ranges... received response... done
[node 1] 49 ranges found
[node 1] 50 ranges found
[node 1] writing range 1... converting to JSON... writing binary output: debug/nodes/1/ranges/1.json... done
[node 1] writing range 2... converting to JSON... writing binary output: debug/nodes/1/ranges/2.json... done
[node 1] writing range 3... converting to JSON... writing binary output: debug/nodes/1/ranges/3.json... done
Expand Down Expand Up @@ -157,6 +158,7 @@ debug zip --concurrency=1 --cpu-profile-duration=0s /dev/null
[node 1] writing range 47... converting to JSON... writing binary output: debug/nodes/1/ranges/47.json... done
[node 1] writing range 48... converting to JSON... writing binary output: debug/nodes/1/ranges/48.json... done
[node 1] writing range 49... converting to JSON... writing binary output: debug/nodes/1/ranges/49.json... done
[node 1] writing range 50... converting to JSON... writing binary output: debug/nodes/1/ranges/50.json... done
[node 2] node status... converting to JSON... writing binary output: debug/nodes/2/status.json... done
[node 2] using SQL connection URL: postgresql://...
[node 2] retrieving SQL data for crdb_internal.feature_usage... writing output: debug/nodes/2/crdb_internal.feature_usage.txt...
Expand Down Expand Up @@ -287,7 +289,7 @@ debug zip --concurrency=1 --cpu-profile-duration=0s /dev/null
[node 3] 1 log file ...
[node 3] [log file ...
[node 3] requesting ranges... received response... done
[node 3] 49 ranges found
[node 3] 50 ranges found
[node 3] writing range 1... converting to JSON... writing binary output: debug/nodes/3/ranges/1.json... done
[node 3] writing range 2... converting to JSON... writing binary output: debug/nodes/3/ranges/2.json... done
[node 3] writing range 3... converting to JSON... writing binary output: debug/nodes/3/ranges/3.json... done
Expand Down Expand Up @@ -337,6 +339,7 @@ debug zip --concurrency=1 --cpu-profile-duration=0s /dev/null
[node 3] writing range 47... converting to JSON... writing binary output: debug/nodes/3/ranges/47.json... done
[node 3] writing range 48... converting to JSON... writing binary output: debug/nodes/3/ranges/48.json... done
[node 3] writing range 49... converting to JSON... writing binary output: debug/nodes/3/ranges/49.json... done
[node 3] writing range 50... converting to JSON... writing binary output: debug/nodes/3/ranges/50.json... done
[cluster] pprof summary script... writing binary output: debug/pprof-summary.sh... done
[cluster] hot range summary script... writing binary output: debug/hot-ranges.sh... done
[cluster] tenant hot range summary script... writing binary output: debug/hot-ranges-tenant.sh... done
Loading

0 comments on commit b17caa8

Please sign in to comment.