chore: Fixed constructor argument.

Author: pratickchokhani

v1/src/main/java/com/google/cloud/teleport/spanner/ExportPipeline.java

@@ -26,20 +26,21 @@
 import com.google.cloud.teleport.spanner.iam.IAMCheckResult;
 import com.google.cloud.teleport.spanner.iam.IAMPermissionsChecker;
 import com.google.cloud.teleport.spanner.iam.IAMRequirementsCreator;
-import com.google.cloud.teleport.spanner.iam.IAMResourceRequirements;
 import com.google.cloud.teleport.spanner.spannerio.SpannerConfig;
-import java.util.Collections;
+import java.io.IOException;
+import java.security.GeneralSecurityException;
 import org.apache.beam.runners.dataflow.options.DataflowPipelineOptions;
 import org.apache.beam.sdk.Pipeline;
 import org.apache.beam.sdk.PipelineResult;
-import org.apache.beam.sdk.extensions.gcp.options.GcpOptions;
 import org.apache.beam.sdk.options.Default;
 import org.apache.beam.sdk.options.Description;
 import org.apache.beam.sdk.options.PipelineOptions;
 import org.apache.beam.sdk.options.PipelineOptionsFactory;
 import org.apache.beam.sdk.options.ValueProvider;
 import org.apache.beam.sdk.options.ValueProvider.NestedValueProvider;
 import org.apache.beam.sdk.transforms.SerializableFunction;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * Dataflow template that exports a Cloud Spanner database to Avro files in GCS.
@@ -78,6 +79,7 @@
       "In addition to the Identity and Access Management (IAM) roles necessary to run Dataflow jobs, you must also have the <a href=\"https://cloud.google.com/spanner/docs/export#iam\">appropriate IAM roles</a> for reading your Cloud Spanner data and writing to your Cloud Storage bucket."
     })
 public class ExportPipeline {
+  private static final Logger LOG = LoggerFactory.getLogger(ExportPipeline.class);
 
   /** Options for Export pipeline. */
   public interface ExportPipelineOptions extends PipelineOptions {
@@ -282,7 +284,7 @@ public static void main(String[] args) {
                 options.getShouldExportRelatedTables(),
                 options.getShouldExportTimestampAsLogicalType(),
                 options.getAvroTempDirectory()));
-    validateRequiredPermissions(options);
+    validateRequiredPermissions(spannerConfig);
     PipelineResult result = p.run();
     if (options.getWaitUntilFinish()
         &&
@@ -294,25 +296,31 @@ public static void main(String[] args) {
     }
   }
 
-  private static void validateRequiredPermissions(ExportPipelineOptions options) {
-    IAMResourceRequirements spannerRequirements =
-        IAMRequirementsCreator.createSpannerResourceRequirement();
-
-    GcpOptions gcpOptions = options.as(GcpOptions.class);
-
-    IAMPermissionsChecker iamPermissionsChecker =
-        new IAMPermissionsChecker(gcpOptions.getProject(), gcpOptions);
-    IAMCheckResult missingPermission =
-        iamPermissionsChecker.check(Collections.singletonList(spannerRequirements));
-    if (missingPermission.isSuccess()) {
-      return;
+  private static void validateRequiredPermissions(SpannerConfig spannerConfig) {
+    try {
+      if (!spannerConfig.getProjectId().isAccessible()) {
+        throw new IllegalArgumentException("Spanner configs not accessible");
+      }
+      IAMPermissionsChecker iamPermissionsChecker =
+          new IAMPermissionsChecker(spannerConfig.getProjectId().get());
+      IAMCheckResult missingPermission =
+          iamPermissionsChecker.checkSpannerDatabaseRequirements(
+              IAMRequirementsCreator.createSpannerReadResourceRequirement(),
+              spannerConfig.getInstanceId().get(),
+              spannerConfig.getDatabaseId().get());
+      if (missingPermission.isPermissionsAvailable()) {
+        return;
+      }
+      String errorString =
+          "For resource: "
+              + missingPermission.getResourceName()
+              + ", missing permissions: "
+              + missingPermission.getMissingPermissions()
+              + ";";
+      throw new RuntimeException(errorString);
+    } catch (GeneralSecurityException | IOException e) {
+      LOG.error("Error while validating permissions for spanner", e);
+      throw new RuntimeException(e);
     }
-    String errorString =
-        "For resource: "
-            + missingPermission.getResourceName()
-            + ", missing permissions: "
-            + missingPermission.getMissingPermissions()
-            + ";";
-    throw new RuntimeException(errorString);
   }
 }

v1/src/main/java/com/google/cloud/teleport/spanner/ImportPipeline.java

@@ -15,6 +15,7 @@
  */
 package com.google.cloud.teleport.spanner;
 
+import com.google.cloud.spanner.DatabaseNotFoundException;
 import com.google.cloud.spanner.Options.RpcPriority;
 import com.google.cloud.spanner.SpannerOptions;
 import com.google.cloud.teleport.metadata.Template;
@@ -26,20 +27,22 @@
 import com.google.cloud.teleport.spanner.iam.IAMCheckResult;
 import com.google.cloud.teleport.spanner.iam.IAMPermissionsChecker;
 import com.google.cloud.teleport.spanner.iam.IAMRequirementsCreator;
-import com.google.cloud.teleport.spanner.iam.IAMResourceRequirements;
 import com.google.cloud.teleport.spanner.spannerio.SpannerConfig;
+import java.io.IOException;
+import java.security.GeneralSecurityException;
 import java.util.Collections;
 import org.apache.beam.runners.dataflow.options.DataflowPipelineOptions;
 import org.apache.beam.sdk.Pipeline;
 import org.apache.beam.sdk.PipelineResult;
-import org.apache.beam.sdk.extensions.gcp.options.GcpOptions;
 import org.apache.beam.sdk.options.Default;
 import org.apache.beam.sdk.options.Description;
 import org.apache.beam.sdk.options.PipelineOptions;
 import org.apache.beam.sdk.options.PipelineOptionsFactory;
 import org.apache.beam.sdk.options.ValueProvider;
 import org.apache.beam.sdk.options.ValueProvider.NestedValueProvider;
 import org.apache.beam.sdk.transforms.SerializableFunction;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * Avro to Cloud Spanner Import pipeline.
@@ -65,6 +68,7 @@
       "The input Cloud Storage path must exist, and it must include a <a href=\"https://cloud.google.com/spanner/docs/import-non-spanner#create-export-json\">spanner-export.json</a> file that contains a JSON description of files to import."
     })
 public class ImportPipeline {
+  private static final Logger LOG = LoggerFactory.getLogger(ImportPipeline.class);
 
   /** Options for {@link ImportPipeline}. */
   public interface Options extends PipelineOptions {
@@ -258,7 +262,8 @@ public static void main(String[] args) {
             options.getDdlCreationTimeoutInMinutes(),
             options.getEarlyIndexCreateThreshold()));
 
-    validateRequiredPermissions(options);
+    validateRequiredPermissions(spannerConfig);
+
     PipelineResult result = p.run();
 
     if (options.getWaitUntilFinish()
@@ -271,24 +276,43 @@ public static void main(String[] args) {
     }
   }
 
-  private static void validateRequiredPermissions(Options options) {
-    IAMResourceRequirements spannerRequirements =
-        IAMRequirementsCreator.createSpannerResourceRequirement();
-    GcpOptions gcpOptions = options.as(GcpOptions.class);
-
-    IAMPermissionsChecker iamPermissionsChecker =
-        new IAMPermissionsChecker(gcpOptions.getProject(), gcpOptions);
-    IAMCheckResult missingPermission =
-        iamPermissionsChecker.check(Collections.singletonList(spannerRequirements));
-    if (missingPermission.isSuccess()) {
+  private static void validateRequiredPermissions(SpannerConfig spannerConfig) {
+    if (!spannerConfig.getInstanceId().isAccessible()) {
       return;
     }
-    String errorString =
-        "For resource: "
-            + missingPermission.getResourceName()
-            + ", missing permissions: "
-            + missingPermission.getMissingPermissions()
-            + ";";
-    throw new RuntimeException(errorString);
+    String instanceId = spannerConfig.getInstanceId().get();
+    String databaseId = spannerConfig.getDatabaseId().get();
+    IAMCheckResult iamCheckResult = new IAMCheckResult("", Collections.emptyList());
+    try {
+      IAMPermissionsChecker iamPermissionsChecker =
+          new IAMPermissionsChecker("span-cloud-migrations-testing");
+      try {
+
+        iamCheckResult =
+            iamPermissionsChecker.checkSpannerDatabaseRequirements(
+                IAMRequirementsCreator.createSpannerWriteResourceRequirement(),
+                instanceId,
+                databaseId);
+      } catch (DatabaseNotFoundException e) {
+        iamCheckResult =
+            iamPermissionsChecker.checkSpannerDatabaseRequirements(
+                IAMRequirementsCreator.createSpannerWriteResourceRequirement(),
+                instanceId,
+                databaseId);
+      }
+      if (iamCheckResult.isPermissionsAvailable()) {
+        return;
+      }
+      String errorString =
+          "For resource: "
+              + iamCheckResult.getResourceName()
+              + ", missing permissions: "
+              + iamCheckResult.getMissingPermissions()
+              + ";";
+      throw new RuntimeException(errorString);
+    } catch (GeneralSecurityException | IOException e) {
+      LOG.error("Error while validating permissions for spanner", e);
+      throw new RuntimeException(e);
+    }
   }
 }

v1/src/main/java/com/google/cloud/teleport/spanner/ImportTransform.java

@@ -19,6 +19,7 @@
 import com.google.cloud.spanner.Database;
 import com.google.cloud.spanner.DatabaseAdminClient;
 import com.google.cloud.spanner.DatabaseId;
+import com.google.cloud.spanner.DatabaseNotFoundException;
 import com.google.cloud.spanner.Dialect;
 import com.google.cloud.spanner.Mutation;
 import com.google.cloud.teleport.spanner.ddl.ChangeStream;
@@ -29,6 +30,9 @@
 import com.google.cloud.teleport.spanner.ddl.Sequence;
 import com.google.cloud.teleport.spanner.ddl.Table;
 import com.google.cloud.teleport.spanner.ddl.Udf;
+import com.google.cloud.teleport.spanner.iam.IAMCheckResult;
+import com.google.cloud.teleport.spanner.iam.IAMPermissionsChecker;
+import com.google.cloud.teleport.spanner.iam.IAMRequirementsCreator;
 import com.google.cloud.teleport.spanner.proto.ExportProtos.Export;
 import com.google.cloud.teleport.spanner.proto.ExportProtos.ProtoDialect;
 import com.google.cloud.teleport.spanner.proto.ExportProtos.TableManifest;
@@ -54,8 +58,10 @@
 import java.nio.channels.Channels;
 import java.nio.file.Path;
 import java.nio.file.Paths;
+import java.security.GeneralSecurityException;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collections;
 import java.util.List;
 import java.util.Set;
 import java.util.concurrent.ExecutionException;
@@ -72,6 +78,7 @@
 import org.apache.beam.sdk.io.fs.EmptyMatchTreatment;
 import org.apache.beam.sdk.io.fs.MatchResult;
 import org.apache.beam.sdk.io.fs.ResourceId;
+import org.apache.beam.sdk.options.PipelineOptions;
 import org.apache.beam.sdk.options.ValueProvider;
 import org.apache.beam.sdk.options.ValueProvider.NestedValueProvider;
 import org.apache.beam.sdk.transforms.Combine;
@@ -93,6 +100,7 @@
 import org.apache.beam.sdk.values.TupleTag;
 import org.apache.beam.sdk.values.TupleTagList;
 import org.apache.beam.sdk.values.TypeDescriptor;
+import org.checkerframework.checker.nullness.qual.Nullable;
 import org.joda.time.Duration;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -139,6 +147,14 @@ public ImportTransform(
     this.earlyIndexCreateThreshold = earlyIndexCreateThreshold;
   }
 
+//  @Override
+//  public void validate(@Nullable PipelineOptions options) {
+//    String instanceId = this.spannerConfig.getInstanceId().get();
+//    String databaseId = this.spannerConfig.getDatabaseId().get();
+//
+//    validateRequiredPermissions(instanceId, databaseId);
+//  }
+
   @Override
   public PDone expand(PBegin begin) {
     PCollectionView<Dialect> dialectView =
@@ -672,7 +688,7 @@ public void processElement(ProcessContext c) {
                                   "Create index early: {}",
                                   String.join(";", createIndexStatements));
                               ddlStatements.addAll(createIndexStatements);
-                              c.output(pendingIndexesTag, new ArrayList<String>());
+                              c.output(pendingIndexesTag, new ArrayList<>());
                             } else {
                               LOG.info(
                                   "Pending index creation: {}",
@@ -953,4 +969,42 @@ private void validateLocalFiles(ProcessContext c, String table, TableManifest ma
       }
     }
   }
+
+  private static void validateRequiredPermissions(String instanceId, String databaseId) {
+    if (instanceId == null) {
+      return;
+    }
+    IAMCheckResult iamCheckResult = new IAMCheckResult("", Collections.emptyList());
+    try {
+      IAMPermissionsChecker iamPermissionsChecker =
+          new IAMPermissionsChecker("span-cloud-migrations-testing");
+      try {
+
+        iamCheckResult =
+            iamPermissionsChecker.checkSpannerDatabaseRequirements(
+                IAMRequirementsCreator.createSpannerWriteResourceRequirement(),
+                instanceId,
+                databaseId);
+      } catch (DatabaseNotFoundException e) {
+        iamCheckResult =
+            iamPermissionsChecker.checkSpannerDatabaseRequirements(
+                IAMRequirementsCreator.createSpannerWriteResourceRequirement(),
+                instanceId,
+                databaseId);
+      }
+      if (iamCheckResult.isPermissionsAvailable()) {
+        return;
+      }
+      String errorString =
+          "For resource: "
+              + iamCheckResult.getResourceName()
+              + ", missing permissions: "
+              + iamCheckResult.getMissingPermissions()
+              + ";";
+      throw new RuntimeException(errorString);
+    } catch (GeneralSecurityException | IOException e) {
+      LOG.error("Error while validating permissions for spanner", e);
+      throw new RuntimeException(e);
+    }
+  }
 }

v1/src/main/java/com/google/cloud/teleport/spanner/iam/IAMCheckResult.java

@@ -36,7 +36,7 @@ public List<String> getMissingPermissions() {
     return new ArrayList<>(missingPermissions);
   }
 
-  public boolean isSuccess() {
+  public boolean isPermissionsAvailable() {
     return missingPermissions.isEmpty();
   }
 
@@ -49,7 +49,7 @@ public String toString() {
         + ", missingPermissions="
         + missingPermissions
         + ", success="
-        + isSuccess()
+        + isPermissionsAvailable()
         + '}';
   }
 }