Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

release-22.2: sql: add a cluster setting to allow users to change their own password #90626

Merged
merged 1 commit into from
Oct 26, 2022
Merged

release-22.2: sql: add a cluster setting to allow users to change their own password #90626

merged 1 commit into from
Oct 26, 2022

Conversation

blathers-crl[bot]
Copy link

@blathers-crl blathers-crl bot commented Oct 25, 2022
edited by rafiss
Loading

Backport 1/1 commits from #90485 on behalf of @rafiss.

/cc @cockroachdb/release

fixes #54660

This will help with a CRDB Dedicated use case, to allow Console users to reset their own password.

Release note (sql change): Added the
sql.auth.change_own_password.enabled cluster setting. It defaults to false. When set to true, any user is allowed to change their own password to a non-null value. Changing other role options still has the same privilege requirements as before (either CREATEROLE or CREATELOGIN, depending on the option).

Release justification: low risk change gated by cluster setting

@blathers-crl blathers-crl bot requested a review from a team October 25, 2022 16:07
@blathers-crl blathers-crl bot force-pushed the blathers/backport-release-22.2-90485 branch from 2892380 to 7472c4d Compare October 25, 2022 16:07
@blathers-crl blathers-crl bot requested review from ecwall and rafiss October 25, 2022 16:07
@blathers-crl
Copy link
Author

blathers-crl bot commented Oct 25, 2022

Thanks for opening a backport.

Please check the backport criteria before merging:

  • Patches should only be created for serious issues or test-only changes.
  • Patches should not break backwards-compatibility.
  • Patches should change as little code as possible.
  • Patches should not change on-disk formats or node communication protocols.
  • Patches should not add new functionality.
  • Patches must not add, edit, or otherwise modify cluster versions; or add version gates.
If some of the basic criteria cannot be satisfied, ensure that the exceptional criteria are satisfied within.
  • There is a high priority need for the functionality that cannot wait until the next release and is difficult to address in another way.
  • The new functionality is additive-only and only runs for clusters which have specifically “opted in” to it (e.g. by a cluster setting).
  • New code is protected by a conditional check that is trivial to verify and ensures that it only runs for opt-in clusters.
  • The PM and TL on the team that owns the changed code have signed off that the change obeys the above rules.

Add a brief release justification to the body of your PR to justify this backport.

Some other things to consider:

  • What did we do to ensure that a user that doesn’t know & care about this backport, has no idea that it happened?
  • Will this work in a cluster of mixed patch versions? Did we test that?
  • If a user upgrades a patch version, uses this feature, and then downgrades, what happens?

@blathers-crl blathers-crl bot added blathers-backport This is a backport that Blathers created automatically. O-robot Originated from a bot. labels Oct 25, 2022
@cockroach-teamcity
Copy link
Member

This change is Reviewable

@rafiss
sql: add a cluster setting to allow users to change their own password
aa6383c 
This will help with a CRDB Dedicated use case, to allow Console users to
reset their own password.

Release note (sql change): Added the
sql.auth.change_own_password.enabled cluster setting. It defaults to
false. When set to true, any user is allowed to change their own
password to a non-null value. Changing other role options still has the
same privilege requirements as before (either CREATEROLE or CREATELOGIN,
depending on the option).
@rafiss rafiss force-pushed the blathers/backport-release-22.2-90485 branch from 7472c4d to aa6383c Compare October 26, 2022 14:39
@rafiss rafiss merged commit a52cd35 into release-22.2 Oct 26, 2022
@rafiss rafiss deleted the blathers/backport-release-22.2-90485 branch October 26, 2022 17:26
@cockroach-teamcity cockroach-teamcity mentioned this pull request Oct 26, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ecwall ecwall ecwall approved these changes

@rafiss rafiss Awaiting requested review from rafiss

Assignees

@rafiss rafiss

Labels
blathers-backport This is a backport that Blathers created automatically. O-robot Originated from a bot.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@cockroach-teamcity @ecwall @rafiss