Skip to content
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

This file was deleted.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

53 changes: 38 additions & 15 deletions crates/control-plane-api/src/fixtures/private_links.sql
Original file line number Diff line number Diff line change
@@ -1,12 +1,15 @@
-- Adds a private data plane with populated private-link config and one AWS
-- provisioning result row, plus a `read` grant for Alice on the private
-- prefix so the GraphQL authorization layer can surface it.
-- Adds a private data plane plus three configured private links (one per
-- provider) as rows in `data_plane_private_links`: the AWS link is
-- `provisioned` and carries its endpoint details, the Azure and GCP links are
-- still `pending`. One AWS endpoint result is also set on the data_planes row
-- for the legacy `awsLinkEndpoints` field. Grants Alice `read` (plus the
-- `manage_data_plane` bundle) on the private prefix so the GraphQL
-- authorization layer can surface and mutate it.
--
-- Loaded alongside `data_planes` and `alice` in tests that exercise the
-- typed `privateLinks` field on the dataPlanes query and the
-- `updateDataPlanePrivateLinks` mutation. Kept separate from the shared
-- `data_planes.sql` so its presence does not change every other GraphQL
-- test.
-- Loaded alongside `data_planes` and `alice` by tests that exercise the
-- `privateLinks` field and the per-link CRUD mutations. Kept separate from the
-- shared `data_planes.sql` so its presence does not change every other GraphQL
-- test. Link ids are explicit so snapshots are deterministic.
do $$
declare
alice_private_dp_id flowid := '444444444444';
Expand Down Expand Up @@ -38,7 +41,6 @@ begin
gcp_service_account_email,
azure_application_name,
azure_application_client_id,
private_links,
aws_link_endpoints
) values (
alice_private_dp_id,
Expand All @@ -63,15 +65,36 @@ begin
'estuary-test-app-private',
'44444444-4444-4444-4444-444444444444',
array[
'{"region":"us-east-1","az_ids":["use1-az1","use1-az2"],"service_name":"com.amazonaws.vpce.us-east-1.vpce-svc-abc123"}'::json,
'{"service_name":"/subscriptions/x/resourceGroups/rg/providers/Microsoft.Network/privateLinkServices/svc","location":"eastus","dns_name":"privatelink.database.windows.net"}'::json,
'{"service_attachment":"projects/p/regions/us-central1/serviceAttachments/sa","region":"us-central1","dns_zone_name":"z","dns_record_names":["r1","r2"],"all_ports":true}'::json
],
array[
'{"endpoint_id":"vpce-0123456789abcdef0","state":"available"}'::json
'{"service_name":"com.amazonaws.vpce.us-east-1.vpce-svc-abc123","dns_entries":[{"dns_name":"vpce-0123abc.vpce-svc-abc123.us-east-1.vpce.amazonaws.com","hosted_zone_id":"Z7HUB22EVRPK5"}]}'::json
]
);

insert into public.data_plane_private_links (id, data_plane_id, provider, config, status, details) values
(
'00:00:00:00:00:00:0a:01',
alice_private_dp_id,
'aws',
'{"region":"us-east-1","az_ids":["use1-az1","use1-az2"],"service_name":"com.amazonaws.vpce.us-east-1.vpce-svc-abc123"}'::jsonb,
'provisioned',
'{"service_name":"com.amazonaws.vpce.us-east-1.vpce-svc-abc123","dns_entries":[{"dns_name":"vpce-0123abc.vpce-svc-abc123.us-east-1.vpce.amazonaws.com","hosted_zone_id":"Z7HUB22EVRPK5"}]}'::jsonb
),
(
'00:00:00:00:00:00:0a:02',
alice_private_dp_id,
'azure',
'{"service_name":"/subscriptions/x/resourceGroups/rg/providers/Microsoft.Network/privateLinkServices/svc","location":"eastus","dns_name":"privatelink.database.windows.net"}'::jsonb,
'pending',
null
),
(
'00:00:00:00:00:00:0a:03',
alice_private_dp_id,
'gcp',
'{"service_attachment":"projects/p/regions/us-central1/serviceAttachments/sa","region":"us-central1","dns_zone_name":"z","dns_record_names":["r1","r2"],"all_ports":true}'::jsonb,
'pending',
null
);

-- Mirrors what `create_data_plane.rs` installs at provisioning time:
-- legacy `read` for RLS/`user_roles()`, and the `ManageDataPlane` bundle
-- for the capability bits.
Expand Down
Loading
Loading