Skip to content

Sql auth enhancements #1147

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Oct 27, 2024
Merged

Sql auth enhancements #1147

merged 7 commits into from
Oct 27, 2024

Conversation

isaacabraham
Copy link
Member

@isaacabraham isaacabraham commented Oct 26, 2024
edited
Loading

This PR closes #1146

The changes in this PR are as follows:

  • Update the API surface to make it easier to interact with.
  • Support for mixed-mode authentication.
  • Improve type-system by making a dedicated authentication type that caters for sql / entra id / mixed mode.authentication.
  • Simply the ARM generation code and remove the unusual "base" code implementation.
  • Added some extra unit tests.
  • Automatically retrieve the ObjectID of the user if it is not supplied (via an AZ CLI call)

I have read the contributing guidelines and have completed the following:

  • Tested my code end-to-end against a live Azure subscription.
  • Updated the documentation in the docs folder for the affected changes.
  • Written unit tests against the modified code that I have made.
  • Updated the release notes with a new entry for this PR.
  • Checked the coding standards outlined in the contributions guide and ensured my code adheres to them.
let theServer = sqlServer {
    name "isaac-farmer-entra-test-server"

    // Can still use this if you want to still enable SQL auth, but no longer necessary
    admin_user "super-sql-admin"

    // Use one of the following
    entra_id_admin_user "me@mycompany.com" (ObjectId Guid.Empty) // get via Farmer.Builders.AccessPolicy.findUsers
    entra_id_admin_group "DBA Adminstrators Group"  (ObjectId Guid.Empty) // get via Farmer.Builders.AccessPolicy.findGroups
    entra_id_admin "me@mycompany.com" (ObjectId Guid.Empty) PrincipalType.User
}

@isaacabraham
Copy link
Member Author

@ninjarobot I'm not sure if we've put calls to AZ CLI directly within a builder before - perhaps I should remove that and we simply document "how" to get the object id through Farmer imperatively and let the user decide whether or not to do it?

@ninjarobot
Copy link
Collaborator

@ninjarobot I'm not sure if we've put calls to AZ CLI directly within a builder before - perhaps I should remove that and we simply document "how" to get the object id through Farmer imperatively and let the user decide whether or not to do it?

I agree, this would impact users that run Farmer as a library rather than shelling out to the CLI. Library users would likely prefer to do this with the Graph SDK and pass the users or groups to the builder method as an argument.

@ninjarobot ninjarobot added this to the 1.9.3 milestone Oct 26, 2024
@isaacabraham
Copy link
Member Author

I'll make that change then.

@isaacabraham isaacabraham merged commit 606c117 into master Oct 27, 2024
3 checks passed
@isaacabraham isaacabraham deleted the sql-auth-enhancements branch October 27, 2024 16:07
github-actions bot pushed a commit that referenced this pull request Oct 27, 2024
@isaacabraham
Merge pull request #1147 from CompositionalIT/sql-auth-enhancements
e08a2fe 
Sql auth enhancements 606c117
@MartinWa MartinWa mentioned this pull request Nov 6, 2024
Open
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.9.3
Development

Successfully merging this pull request may close these issues.

Clean up SQL Entra ID authentication
2 participants
@isaacabraham @ninjarobot