feat(source/bigquery): add optional write mode config #1157
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
shobsi
reviewed
Aug 14, 2025
shobsi
reviewed
Aug 15, 2025
internal/tools/bigquery/bigqueryexecutesql/bigqueryexecutesql.go
Outdated
Show resolved
Hide resolved
internal/tools/bigquery/bigqueryexecutesql/bigqueryexecutesql.go
Outdated
Show resolved
Hide resolved
shobsi
approved these changes
Aug 18, 2025
internal/tools/bigquery/bigqueryexecutesql/bigqueryexecutesql.go
Outdated
Show resolved
Hide resolved
ed6e582 to
9b7e0f0
Compare
duwenxin99
requested changes
Oct 8, 2025
duwenxin99
approved these changes
Oct 8, 2025
github-actions bot
pushed a commit
that referenced
this pull request
Oct 8, 2025
Summary Adds an optional write_mode configuration to the BigQuery source, enhancing security by controlling the types of SQL statements that can be executed to prevent unauthorized data modification. Key Changes Added writeMode Configuration: A new write_mode field is added to the BigQuery source, supporting three modes: allowed (Default): Permits all SQL statements. blocked: Allows only SELECT queries. protected: Enables session-based execution, restricting write operations (like CREATE TABLE) to the session's temporary dataset, thus protecting permanent datasets. Note: at the moment, this won't work with useClientOAuth, will fix this in the future. These restrictions primarily apply to the bigquery-execute-sql tool and the session may be used in other tools. 63adc78
github-actions bot
pushed a commit
that referenced
this pull request
Oct 8, 2025
Summary Adds an optional write_mode configuration to the BigQuery source, enhancing security by controlling the types of SQL statements that can be executed to prevent unauthorized data modification. Key Changes Added writeMode Configuration: A new write_mode field is added to the BigQuery source, supporting three modes: allowed (Default): Permits all SQL statements. blocked: Allows only SELECT queries. protected: Enables session-based execution, restricting write operations (like CREATE TABLE) to the session's temporary dataset, thus protecting permanent datasets. Note: at the moment, this won't work with useClientOAuth, will fix this in the future. These restrictions primarily apply to the bigquery-execute-sql tool and the session may be used in other tools. 63adc78
github-actions bot
pushed a commit
to Genesis929/genai-toolbox
that referenced
this pull request
Oct 8, 2025
…apis#1157) Summary Adds an optional write_mode configuration to the BigQuery source, enhancing security by controlling the types of SQL statements that can be executed to prevent unauthorized data modification. Key Changes Added writeMode Configuration: A new write_mode field is added to the BigQuery source, supporting three modes: allowed (Default): Permits all SQL statements. blocked: Allows only SELECT queries. protected: Enables session-based execution, restricting write operations (like CREATE TABLE) to the session's temporary dataset, thus protecting permanent datasets. Note: at the moment, this won't work with useClientOAuth, will fix this in the future. These restrictions primarily apply to the bigquery-execute-sql tool and the session may be used in other tools. 63adc78
github-actions bot
pushed a commit
to Genesis929/genai-toolbox
that referenced
this pull request
Oct 8, 2025
…apis#1157) Summary Adds an optional write_mode configuration to the BigQuery source, enhancing security by controlling the types of SQL statements that can be executed to prevent unauthorized data modification. Key Changes Added writeMode Configuration: A new write_mode field is added to the BigQuery source, supporting three modes: allowed (Default): Permits all SQL statements. blocked: Allows only SELECT queries. protected: Enables session-based execution, restricting write operations (like CREATE TABLE) to the session's temporary dataset, thus protecting permanent datasets. Note: at the moment, this won't work with useClientOAuth, will fix this in the future. These restrictions primarily apply to the bigquery-execute-sql tool and the session may be used in other tools. 63adc78
github-actions bot
pushed a commit
to renovate-bot/googleapis-_-genai-toolbox
that referenced
this pull request
Oct 8, 2025
…apis#1157) Summary Adds an optional write_mode configuration to the BigQuery source, enhancing security by controlling the types of SQL statements that can be executed to prevent unauthorized data modification. Key Changes Added writeMode Configuration: A new write_mode field is added to the BigQuery source, supporting three modes: allowed (Default): Permits all SQL statements. blocked: Allows only SELECT queries. protected: Enables session-based execution, restricting write operations (like CREATE TABLE) to the session's temporary dataset, thus protecting permanent datasets. Note: at the moment, this won't work with useClientOAuth, will fix this in the future. These restrictions primarily apply to the bigquery-execute-sql tool and the session may be used in other tools. 63adc78
github-actions bot
pushed a commit
to renovate-bot/googleapis-_-genai-toolbox
that referenced
this pull request
Oct 8, 2025
…apis#1157) Summary Adds an optional write_mode configuration to the BigQuery source, enhancing security by controlling the types of SQL statements that can be executed to prevent unauthorized data modification. Key Changes Added writeMode Configuration: A new write_mode field is added to the BigQuery source, supporting three modes: allowed (Default): Permits all SQL statements. blocked: Allows only SELECT queries. protected: Enables session-based execution, restricting write operations (like CREATE TABLE) to the session's temporary dataset, thus protecting permanent datasets. Note: at the moment, this won't work with useClientOAuth, will fix this in the future. These restrictions primarily apply to the bigquery-execute-sql tool and the session may be used in other tools. 63adc78
duwenxin99
added a commit
that referenced
this pull request
Oct 10, 2025
🤖 I have created a release *beep* *boop* --- ## [0.17.0](v0.16.0...v0.17.0) (2025-10-10) ### ⚠ BREAKING CHANGES * **tools/bigquery-get-table-info:** add allowed dataset support ([#1093](#1093)) * **tool/bigquery-list-dataset-ids:** add allowed datasets support ([#1573](#1573)) ### Features * Add configs and workflows for docs versioning ([#1611](#1611)) ([21ac98b](21ac98b)) * Add metadata in MCP Manifest for Toolbox auth ([#1395](#1395)) ([0b3dac4](0b3dac4)) * Add program name to MySQL connections ([#1617](#1617)) ([c4a22b8](c4a22b8)) * **source/bigquery:** Add optional write mode config ([#1157](#1157)) ([63adc78](63adc78)) * **sources/mssql:** Add app name to MSSQL ([#1620](#1620)) ([1536d1f](1536d1f)) * **sources/oracle:** Add Oracle Source and Tool ([#1456](#1456)) ([3a19a50](3a19a50)) * **tool/bigquery-list-dataset-ids:** Add allowed datasets support ([#1573](#1573)) ([1a44c67](1a44c67)) * **tools/bigquery-get-table-info:** Add allowed dataset support ([#1093](#1093)) ([acb205c](acb205c)) * **tools/dataform:** Add dataform compile tool ([#1470](#1470)) ([3be9b7b](3be9b7b)) * **tools/looker:** Add support for pulse, vacuum and analyze audit and performance functions on a Looker instance ([#1581](#1581)) ([5aed4e1](5aed4e1)) * **tools/looker:** Enable access to the Conversational Analytics API for Looker ([#1596](#1596)) ([2d5a93e](2d5a93e)) ### Bug Fixes * Added google_ml_integration extension to use alloydb ai-nl support api ([#1445](#1445)) ([dbc477a](dbc477a)) * Fix broken links ([#1625](#1625)) ([36c6584](36c6584)) * Remove duplicated build type in Dockerfile ([#1598](#1598)) ([b43c945](b43c945)) * **source/bigquery:** Allowed datasets project id issue with client oauth ([#1663](#1663)) ([f4cf486](f4cf486)) * **sources/looker:** Allow Looker to be configured without setting a Client Id or Secret ([#1496](#1496)) ([67d8221](67d8221)) * **tools/looker:** Refactor run-inline-query logic to helper function ([#1497](#1497)) ([62af39d](62af39d)) * **tools/mysql-list-tables:** Update sql query to resolve subquery scope error ([#1629](#1629)) ([94e19d8](94e19d8)) ### Miscellaneous Chores * Release 0.17.0 ([#1676](#1676)) ([7e22cb4](7e22cb4)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). --------- Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com> Co-authored-by: Wenxin Du <117315983+duwenxin99@users.noreply.github.com>
duwenxin99
added a commit
that referenced
this pull request
Oct 10, 2025
🤖 I have created a release *beep* *boop* --- ## [0.17.0](v0.16.0...v0.17.0) (2025-10-10) ### ⚠ BREAKING CHANGES * **tools/bigquery-get-table-info:** add allowed dataset support ([#1093](#1093)) * **tool/bigquery-list-dataset-ids:** add allowed datasets support ([#1573](#1573)) ### Features * Add configs and workflows for docs versioning ([#1611](#1611)) ([21ac98b](21ac98b)) * Add metadata in MCP Manifest for Toolbox auth ([#1395](#1395)) ([0b3dac4](0b3dac4)) * Add program name to MySQL connections ([#1617](#1617)) ([c4a22b8](c4a22b8)) * **oracle:** Switch Oracle driver from godror to go-ora ([#1685](#1685)) ([8faf376](8faf376)) * **source/bigquery:** Add optional write mode config ([#1157](#1157)) ([63adc78](63adc78)) * **sources/alloydb,cloudsqlpg,cloudsqlmysql,cloudsqlmssql:** Support PSC connection ([#1686](#1686)) ([9d2bf79](9d2bf79)) * **sources/mssql:** Add app name to MSSQL ([#1620](#1620)) ([1536d1f](1536d1f)) * **sources/oracle:** Add Oracle Source and Tool ([#1456](#1456)) ([3a19a50](3a19a50)) * **tool/bigquery-list-dataset-ids:** Add allowed datasets support ([#1573](#1573)) ([1a44c67](1a44c67)) * **tools/bigquery-get-table-info:** Add allowed dataset support ([#1093](#1093)) ([acb205c](acb205c)) * **tools/dataform:** Add dataform compile tool ([#1470](#1470)) ([3be9b7b](3be9b7b)) * **tools/looker:** Add support for pulse, vacuum and analyze audit and performance functions on a Looker instance ([#1581](#1581)) ([5aed4e1](5aed4e1)) * **tools/looker:** Enable access to the Conversational Analytics API for Looker ([#1596](#1596)) ([2d5a93e](2d5a93e)) ### Bug Fixes * Added google_ml_integration extension to use alloydb ai-nl support api ([#1445](#1445)) ([dbc477a](dbc477a)) * Fix broken links ([#1625](#1625)) ([36c6584](36c6584)) * Remove duplicated build type in Dockerfile ([#1598](#1598)) ([b43c945](b43c945)) * **source/bigquery:** Allowed datasets project id issue with client oauth ([#1663](#1663)) ([f4cf486](f4cf486)) * **sources/looker:** Allow Looker to be configured without setting a Client Id or Secret ([#1496](#1496)) ([67d8221](67d8221)) * **tools/looker:** Refactor run-inline-query logic to helper function ([#1497](#1497)) ([62af39d](62af39d)) * **tools/mysql-list-tables:** Update sql query to resolve subquery scope error ([#1629](#1629)) ([94e19d8](94e19d8)) ### Miscellaneous Chores * Release 0.17.0 ([#1676](#1676)) ([7e22cb4](7e22cb4)) * Release 0.17.0 ([#1681](#1681)) ([18c92b5](18c92b5)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). --------- Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com> Co-authored-by: Wenxin Du <117315983+duwenxin99@users.noreply.github.com>
github-actions bot
pushed a commit
that referenced
this pull request
Oct 10, 2025
🤖 I have created a release *beep* *boop* --- ## [0.17.0](v0.16.0...v0.17.0) (2025-10-10) ### ⚠ BREAKING CHANGES * **tools/bigquery-get-table-info:** add allowed dataset support ([#1093](#1093)) * **tool/bigquery-list-dataset-ids:** add allowed datasets support ([#1573](#1573)) ### Features * Add configs and workflows for docs versioning ([#1611](#1611)) ([21ac98b](21ac98b)) * Add metadata in MCP Manifest for Toolbox auth ([#1395](#1395)) ([0b3dac4](0b3dac4)) * Add program name to MySQL connections ([#1617](#1617)) ([c4a22b8](c4a22b8)) * **oracle:** Switch Oracle driver from godror to go-ora ([#1685](#1685)) ([8faf376](8faf376)) * **source/bigquery:** Add optional write mode config ([#1157](#1157)) ([63adc78](63adc78)) * **sources/alloydb,cloudsqlpg,cloudsqlmysql,cloudsqlmssql:** Support PSC connection ([#1686](#1686)) ([9d2bf79](9d2bf79)) * **sources/mssql:** Add app name to MSSQL ([#1620](#1620)) ([1536d1f](1536d1f)) * **sources/oracle:** Add Oracle Source and Tool ([#1456](#1456)) ([3a19a50](3a19a50)) * **tool/bigquery-list-dataset-ids:** Add allowed datasets support ([#1573](#1573)) ([1a44c67](1a44c67)) * **tools/bigquery-get-table-info:** Add allowed dataset support ([#1093](#1093)) ([acb205c](acb205c)) * **tools/dataform:** Add dataform compile tool ([#1470](#1470)) ([3be9b7b](3be9b7b)) * **tools/looker:** Add support for pulse, vacuum and analyze audit and performance functions on a Looker instance ([#1581](#1581)) ([5aed4e1](5aed4e1)) * **tools/looker:** Enable access to the Conversational Analytics API for Looker ([#1596](#1596)) ([2d5a93e](2d5a93e)) ### Bug Fixes * Added google_ml_integration extension to use alloydb ai-nl support api ([#1445](#1445)) ([dbc477a](dbc477a)) * Fix broken links ([#1625](#1625)) ([36c6584](36c6584)) * Remove duplicated build type in Dockerfile ([#1598](#1598)) ([b43c945](b43c945)) * **source/bigquery:** Allowed datasets project id issue with client oauth ([#1663](#1663)) ([f4cf486](f4cf486)) * **sources/looker:** Allow Looker to be configured without setting a Client Id or Secret ([#1496](#1496)) ([67d8221](67d8221)) * **tools/looker:** Refactor run-inline-query logic to helper function ([#1497](#1497)) ([62af39d](62af39d)) * **tools/mysql-list-tables:** Update sql query to resolve subquery scope error ([#1629](#1629)) ([94e19d8](94e19d8)) ### Miscellaneous Chores * Release 0.17.0 ([#1676](#1676)) ([7e22cb4](7e22cb4)) * Release 0.17.0 ([#1681](#1681)) ([18c92b5](18c92b5)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). --------- Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com> Co-authored-by: Wenxin Du <117315983+duwenxin99@users.noreply.github.com> de19d52
github-actions bot
pushed a commit
that referenced
this pull request
Oct 10, 2025
🤖 I have created a release *beep* *boop* --- ## [0.17.0](v0.16.0...v0.17.0) (2025-10-10) ### ⚠ BREAKING CHANGES * **tools/bigquery-get-table-info:** add allowed dataset support ([#1093](#1093)) * **tool/bigquery-list-dataset-ids:** add allowed datasets support ([#1573](#1573)) ### Features * Add configs and workflows for docs versioning ([#1611](#1611)) ([21ac98b](21ac98b)) * Add metadata in MCP Manifest for Toolbox auth ([#1395](#1395)) ([0b3dac4](0b3dac4)) * Add program name to MySQL connections ([#1617](#1617)) ([c4a22b8](c4a22b8)) * **oracle:** Switch Oracle driver from godror to go-ora ([#1685](#1685)) ([8faf376](8faf376)) * **source/bigquery:** Add optional write mode config ([#1157](#1157)) ([63adc78](63adc78)) * **sources/alloydb,cloudsqlpg,cloudsqlmysql,cloudsqlmssql:** Support PSC connection ([#1686](#1686)) ([9d2bf79](9d2bf79)) * **sources/mssql:** Add app name to MSSQL ([#1620](#1620)) ([1536d1f](1536d1f)) * **sources/oracle:** Add Oracle Source and Tool ([#1456](#1456)) ([3a19a50](3a19a50)) * **tool/bigquery-list-dataset-ids:** Add allowed datasets support ([#1573](#1573)) ([1a44c67](1a44c67)) * **tools/bigquery-get-table-info:** Add allowed dataset support ([#1093](#1093)) ([acb205c](acb205c)) * **tools/dataform:** Add dataform compile tool ([#1470](#1470)) ([3be9b7b](3be9b7b)) * **tools/looker:** Add support for pulse, vacuum and analyze audit and performance functions on a Looker instance ([#1581](#1581)) ([5aed4e1](5aed4e1)) * **tools/looker:** Enable access to the Conversational Analytics API for Looker ([#1596](#1596)) ([2d5a93e](2d5a93e)) ### Bug Fixes * Added google_ml_integration extension to use alloydb ai-nl support api ([#1445](#1445)) ([dbc477a](dbc477a)) * Fix broken links ([#1625](#1625)) ([36c6584](36c6584)) * Remove duplicated build type in Dockerfile ([#1598](#1598)) ([b43c945](b43c945)) * **source/bigquery:** Allowed datasets project id issue with client oauth ([#1663](#1663)) ([f4cf486](f4cf486)) * **sources/looker:** Allow Looker to be configured without setting a Client Id or Secret ([#1496](#1496)) ([67d8221](67d8221)) * **tools/looker:** Refactor run-inline-query logic to helper function ([#1497](#1497)) ([62af39d](62af39d)) * **tools/mysql-list-tables:** Update sql query to resolve subquery scope error ([#1629](#1629)) ([94e19d8](94e19d8)) ### Miscellaneous Chores * Release 0.17.0 ([#1676](#1676)) ([7e22cb4](7e22cb4)) * Release 0.17.0 ([#1681](#1681)) ([18c92b5](18c92b5)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). --------- Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com> Co-authored-by: Wenxin Du <117315983+duwenxin99@users.noreply.github.com> de19d52
github-actions bot
pushed a commit
to renovate-bot/googleapis-_-genai-toolbox
that referenced
this pull request
Oct 10, 2025
🤖 I have created a release *beep* *boop* --- ## [0.17.0](googleapis/genai-toolbox@v0.16.0...v0.17.0) (2025-10-10) ### ⚠ BREAKING CHANGES * **tools/bigquery-get-table-info:** add allowed dataset support ([googleapis#1093](googleapis#1093)) * **tool/bigquery-list-dataset-ids:** add allowed datasets support ([googleapis#1573](googleapis#1573)) ### Features * Add configs and workflows for docs versioning ([googleapis#1611](googleapis#1611)) ([21ac98b](googleapis@21ac98b)) * Add metadata in MCP Manifest for Toolbox auth ([googleapis#1395](googleapis#1395)) ([0b3dac4](googleapis@0b3dac4)) * Add program name to MySQL connections ([googleapis#1617](googleapis#1617)) ([c4a22b8](googleapis@c4a22b8)) * **oracle:** Switch Oracle driver from godror to go-ora ([googleapis#1685](googleapis#1685)) ([8faf376](googleapis@8faf376)) * **source/bigquery:** Add optional write mode config ([googleapis#1157](googleapis#1157)) ([63adc78](googleapis@63adc78)) * **sources/alloydb,cloudsqlpg,cloudsqlmysql,cloudsqlmssql:** Support PSC connection ([googleapis#1686](googleapis#1686)) ([9d2bf79](googleapis@9d2bf79)) * **sources/mssql:** Add app name to MSSQL ([googleapis#1620](googleapis#1620)) ([1536d1f](googleapis@1536d1f)) * **sources/oracle:** Add Oracle Source and Tool ([googleapis#1456](googleapis#1456)) ([3a19a50](googleapis@3a19a50)) * **tool/bigquery-list-dataset-ids:** Add allowed datasets support ([googleapis#1573](googleapis#1573)) ([1a44c67](googleapis@1a44c67)) * **tools/bigquery-get-table-info:** Add allowed dataset support ([googleapis#1093](googleapis#1093)) ([acb205c](googleapis@acb205c)) * **tools/dataform:** Add dataform compile tool ([googleapis#1470](googleapis#1470)) ([3be9b7b](googleapis@3be9b7b)) * **tools/looker:** Add support for pulse, vacuum and analyze audit and performance functions on a Looker instance ([googleapis#1581](googleapis#1581)) ([5aed4e1](googleapis@5aed4e1)) * **tools/looker:** Enable access to the Conversational Analytics API for Looker ([googleapis#1596](googleapis#1596)) ([2d5a93e](googleapis@2d5a93e)) ### Bug Fixes * Added google_ml_integration extension to use alloydb ai-nl support api ([googleapis#1445](googleapis#1445)) ([dbc477a](googleapis@dbc477a)) * Fix broken links ([googleapis#1625](googleapis#1625)) ([36c6584](googleapis@36c6584)) * Remove duplicated build type in Dockerfile ([googleapis#1598](googleapis#1598)) ([b43c945](googleapis@b43c945)) * **source/bigquery:** Allowed datasets project id issue with client oauth ([googleapis#1663](googleapis#1663)) ([f4cf486](googleapis@f4cf486)) * **sources/looker:** Allow Looker to be configured without setting a Client Id or Secret ([googleapis#1496](googleapis#1496)) ([67d8221](googleapis@67d8221)) * **tools/looker:** Refactor run-inline-query logic to helper function ([googleapis#1497](googleapis#1497)) ([62af39d](googleapis@62af39d)) * **tools/mysql-list-tables:** Update sql query to resolve subquery scope error ([googleapis#1629](googleapis#1629)) ([94e19d8](googleapis@94e19d8)) ### Miscellaneous Chores * Release 0.17.0 ([googleapis#1676](googleapis#1676)) ([7e22cb4](googleapis@7e22cb4)) * Release 0.17.0 ([googleapis#1681](googleapis#1681)) ([18c92b5](googleapis@18c92b5)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). --------- Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com> Co-authored-by: Wenxin Du <117315983+duwenxin99@users.noreply.github.com> de19d52
github-actions bot
pushed a commit
to renovate-bot/googleapis-_-genai-toolbox
that referenced
this pull request
Oct 10, 2025
🤖 I have created a release *beep* *boop* --- ## [0.17.0](googleapis/genai-toolbox@v0.16.0...v0.17.0) (2025-10-10) ### ⚠ BREAKING CHANGES * **tools/bigquery-get-table-info:** add allowed dataset support ([googleapis#1093](googleapis#1093)) * **tool/bigquery-list-dataset-ids:** add allowed datasets support ([googleapis#1573](googleapis#1573)) ### Features * Add configs and workflows for docs versioning ([googleapis#1611](googleapis#1611)) ([21ac98b](googleapis@21ac98b)) * Add metadata in MCP Manifest for Toolbox auth ([googleapis#1395](googleapis#1395)) ([0b3dac4](googleapis@0b3dac4)) * Add program name to MySQL connections ([googleapis#1617](googleapis#1617)) ([c4a22b8](googleapis@c4a22b8)) * **oracle:** Switch Oracle driver from godror to go-ora ([googleapis#1685](googleapis#1685)) ([8faf376](googleapis@8faf376)) * **source/bigquery:** Add optional write mode config ([googleapis#1157](googleapis#1157)) ([63adc78](googleapis@63adc78)) * **sources/alloydb,cloudsqlpg,cloudsqlmysql,cloudsqlmssql:** Support PSC connection ([googleapis#1686](googleapis#1686)) ([9d2bf79](googleapis@9d2bf79)) * **sources/mssql:** Add app name to MSSQL ([googleapis#1620](googleapis#1620)) ([1536d1f](googleapis@1536d1f)) * **sources/oracle:** Add Oracle Source and Tool ([googleapis#1456](googleapis#1456)) ([3a19a50](googleapis@3a19a50)) * **tool/bigquery-list-dataset-ids:** Add allowed datasets support ([googleapis#1573](googleapis#1573)) ([1a44c67](googleapis@1a44c67)) * **tools/bigquery-get-table-info:** Add allowed dataset support ([googleapis#1093](googleapis#1093)) ([acb205c](googleapis@acb205c)) * **tools/dataform:** Add dataform compile tool ([googleapis#1470](googleapis#1470)) ([3be9b7b](googleapis@3be9b7b)) * **tools/looker:** Add support for pulse, vacuum and analyze audit and performance functions on a Looker instance ([googleapis#1581](googleapis#1581)) ([5aed4e1](googleapis@5aed4e1)) * **tools/looker:** Enable access to the Conversational Analytics API for Looker ([googleapis#1596](googleapis#1596)) ([2d5a93e](googleapis@2d5a93e)) ### Bug Fixes * Added google_ml_integration extension to use alloydb ai-nl support api ([googleapis#1445](googleapis#1445)) ([dbc477a](googleapis@dbc477a)) * Fix broken links ([googleapis#1625](googleapis#1625)) ([36c6584](googleapis@36c6584)) * Remove duplicated build type in Dockerfile ([googleapis#1598](googleapis#1598)) ([b43c945](googleapis@b43c945)) * **source/bigquery:** Allowed datasets project id issue with client oauth ([googleapis#1663](googleapis#1663)) ([f4cf486](googleapis@f4cf486)) * **sources/looker:** Allow Looker to be configured without setting a Client Id or Secret ([googleapis#1496](googleapis#1496)) ([67d8221](googleapis@67d8221)) * **tools/looker:** Refactor run-inline-query logic to helper function ([googleapis#1497](googleapis#1497)) ([62af39d](googleapis@62af39d)) * **tools/mysql-list-tables:** Update sql query to resolve subquery scope error ([googleapis#1629](googleapis#1629)) ([94e19d8](googleapis@94e19d8)) ### Miscellaneous Chores * Release 0.17.0 ([googleapis#1676](googleapis#1676)) ([7e22cb4](googleapis@7e22cb4)) * Release 0.17.0 ([googleapis#1681](googleapis#1681)) ([18c92b5](googleapis@18c92b5)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). --------- Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com> Co-authored-by: Wenxin Du <117315983+duwenxin99@users.noreply.github.com> de19d52
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Adds an optional write_mode configuration to the BigQuery source, enhancing security by controlling the types of SQL statements that can be executed to prevent unauthorized data modification.
Key Changes
Added writeMode Configuration: A new write_mode field is added to the BigQuery source, supporting three modes:
allowed (Default): Permits all SQL statements.
blocked: Allows only SELECT queries.
protected: Enables session-based execution, restricting write operations (like CREATE TABLE) to the session's temporary dataset, thus protecting permanent datasets. Note: at the moment, this won't work with useClientOAuth, will fix this in the future.
These restrictions primarily apply to the bigquery-execute-sql tool and the session may be used in other tools.