Permifrost

Manage Snowflake Permissions

Permifrost Project

PyPI

Permifrost

permifront diagram

Permifrost is a Python tool for managing permissions on a Snowflake data warehouse. The main documentation for using the tool is available in the project and on PyPI.

Caveats

✅ What Permifrost is and what it is doing

  • Supports Snowflake only
  • Permifrost takes care of roles and privileges only
  • Objects that exist but are not in the config file do not lead to errors
  • Is a fully open-source package and everyone can contribute

❌ What Permifrost is not and what it is not doing

  • Object creation and deletion is not managed by permifrost
    • That is, if entire roles are removed from the roles.yml file, it will not delete them from Snowflake

Contributing

Development

Follow these steps to create and prepare your virtual environment.

## create a virtualenv python -m venv ~/.venv/permifrost ## activate your virtualenv source ~/.venv/permifrost/bin/activate ## install dependencies pip install -r requirements.txt ## pip3 install all the development dependencies pip install -e '.[dev]'

Once you’ve committed your changes, submit a merge request and update the default template.

Communication

  • For any additional question, contribution or ide, feel free to open a new issue in the Permifrost project and, if needed, tag @gitlab-data/permifrost_maintainers (the project maintainers)
  • If you prefer to announce or ask, Slack channel #tools-permifrost is also a good option.

Release Process

The release process is described in the template Release process for Permifrost with using Release Permifrost template. For real life example, use Release 0.15.1 as a template.

We set a goal to release a new version of Permifrost at least twice per year. Meanwhile, check our release history.

Versioning

Permifrost uses Semantic Versioning 2.0.0 as its version number scheme.

Workflow

Permifrost uses tags to create its artifacts. Pushing a new tag to the repository will publish it as docker images and a PyPI package. For details, refer to the Release guideline.

Below is the entire workflow for Permifrost contribution and development:

Permifost maintainer

Community

Tag permifrost maintainers

permifrost::1 Accepting Merge Requests

permifrost::2 In-Progress

permifrost::3 In-Review

Yes

Work needed

Create an issue

Release

share info about new release

Issue

Validate issue

Merge request

Work is done

Code is approved?

Adding to chanelog

End

Request for change

PyPi