Skip to content

WIP deletion warning for more resources#4823

Draft
denik wants to merge 5 commits intomainfrom
denik/recreate-delete-warning
Draft

WIP deletion warning for more resources#4823
denik wants to merge 5 commits intomainfrom
denik/recreate-delete-warning

Conversation

@denik
Copy link
Copy Markdown
Contributor

@denik denik commented Mar 24, 2026

Changes

Why

Tests

denik and others added 5 commits March 23, 2026 17:25
@denik
Warn on delete/recreate for all resources by default, with safe-list …
95dc70f 
…exceptions

Invert the deploy/destroy approval logic: instead of listing specific resource
types to warn about (schemas, volumes, pipelines, dashboards), warn for all
resource types by default and maintain an allowlist of resources that are safe
to delete/recreate without data loss.

Resources now safe-listed (no warning): jobs, model_serving_endpoints, clusters,
apps, sql_warehouses, external_locations, synced_database_tables, postgres_endpoints.

All other resources (15 types) now trigger a warning, including newly warned:
catalogs, secret_scopes, database_instances, database_catalogs, postgres_projects,
postgres_branches, models, registered_models, experiments, quality_monitors, alerts.

Co-authored-by: Isaac
@denik
Fix empty data-loss warning for safe resource types
c923ca6 
Child resources like permissions and grants (e.g. "apps.permissions")
were not recognized as belonging to a safe parent resource type,
causing an empty warning header to appear during destroy.

Co-authored-by: Isaac
@denik
Exclude child resources (permissions, grants) from destructive action…
3750c93 
… filter

Move the IsChildResource() check from the printing loop into the collection
loop. Deleting permissions or grants of a resource does not cause data loss,
so they should not trigger the warning prompt regardless of the parent
resource type.

Co-authored-by: Isaac
@pietern @denik
Pin GitHub action references (#4817)
fbe28cd 
## Summary

- Pin all GitHub action references to their commit SHAs
- Each SHA maps to the current tag for the action at the time of pinning
@denik
Restore per-resource-type warning messages for deploy/destroy
c851fa5 
Replace the generic "data loss" message with informative per-resource-type
messages. A new resourceDestroyMessage map maps each resource type to its
specific warning (or empty string for safe types). This map serves as the
single source of truth for both the warning text and the safe/unsafe decision.

Add TestResourceDestroyMessageIsComplete to ensure every resource type in
SupportedResources() has an entry in the map, and vice versa.

Co-authored-by: Isaac
@denik denik temporarily deployed to test-trigger-is March 24, 2026 08:01 — with GitHub Actions Inactive
@eng-dev-ecosystem-bot
Copy link
Copy Markdown
Collaborator

eng-dev-ecosystem-bot commented Mar 24, 2026
edited
Loading

Commit: c851fa5

Run: 23479142959

Env 🪲​BUG ❌​FAIL 🟨​KNOWN 🔄​flaky 💚​RECOVERED 🙈​SKIP ✅​pass 🙈​skip Time
🪲​ aws linux 12 4 7 1 9 255 801 5:59
🪲​ aws windows 12 2 7 1 9 259 799 5:03
🪲​ aws-ucws linux 12 8 2 6 9 349 716 7:19
🪲​ aws-ucws windows 12 5 1 7 9 354 714 6:35
🪲​ azure linux 12 2 1 1 11 260 799 15:42
🪲​ azure windows 12 2 1 1 11 262 797 13:50
🪲​ azure-ucws linux 12 5 1 1 11 357 712 9:15
🪲​ azure-ucws windows 12 5 1 1 11 359 710 5:23
🪲​ gcp linux 11 1 2 11 258 802 11:50
🪲​ gcp windows 11 1 1 11 261 800 11:33
39 interesting tests: 12 BUG, 10 FAIL, 9 SKIP, 8 KNOWN
Test Name aws linux aws windows aws-ucws linux aws-ucws windows azure linux azure windows azure-ucws linux azure-ucws windows gcp linux gcp windows
🟨​ TestAccept 🟨​K 🟨​K 🟨​K 🟨​K 🟨​K 🟨​K 🟨​K 🟨​K 🟨​K 🟨​K
🪲​ TestAccept/bundle/deploy/mlops-stacks 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B
🪲​ TestAccept/bundle/deploy/mlops-stacks/DATABRICKS_BUNDLE_ENGINE=terraform 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B
🪲​ TestAccept/bundle/destroy/jobs-and-pipeline 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B
🪲​ TestAccept/bundle/destroy/jobs-and-pipeline/DATABRICKS_BUNDLE_ENGINE=direct 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B
🪲​ TestAccept/bundle/destroy/jobs-and-pipeline/DATABRICKS_BUNDLE_ENGINE=terraform 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B
🪲​ TestAccept/bundle/resources/alerts/with_file 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B
🪲​ TestAccept/bundle/resources/alerts/with_file/DATABRICKS_BUNDLE_ENGINE=direct 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B
🪲​ TestAccept/bundle/resources/alerts/with_file/DATABRICKS_BUNDLE_ENGINE=terraform 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B
🪲​ TestAccept/bundle/resources/dashboards/generate_inplace 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B
🪲​ TestAccept/bundle/resources/dashboards/generate_inplace/DATABRICKS_BUNDLE_ENGINE=direct 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B
🪲​ TestAccept/bundle/resources/dashboards/generate_inplace/DATABRICKS_BUNDLE_ENGINE=terraform 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B
🙈​ TestAccept/bundle/resources/permissions 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🪲​ TestAccept/bundle/resources/permissions/dashboards/create 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🪲​B 🙈​s 🙈​s
❌​ TestAccept/bundle/resources/permissions/dashboards/create/DATABRICKS_BUNDLE_ENGINE=direct ❌​F ❌​F ❌​F ❌​F ❌​F ❌​F ❌​F ❌​F
❌​ TestAccept/bundle/resources/permissions/dashboards/create/DATABRICKS_BUNDLE_ENGINE=terraform ❌​F ❌​F ❌​F ❌​F ❌​F ❌​F ❌​F ❌​F
🟨​ TestAccept/bundle/resources/permissions/jobs/destroy_without_mgmtperms/with_permissions 🟨​K 🟨​K 💚​R 💚​R 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🟨​ TestAccept/bundle/resources/permissions/jobs/destroy_without_mgmtperms/with_permissions/DATABRICKS_BUNDLE_ENGINE=direct 🟨​K 🟨​K 💚​R 💚​R
🟨​ TestAccept/bundle/resources/permissions/jobs/destroy_without_mgmtperms/with_permissions/DATABRICKS_BUNDLE_ENGINE=terraform 🟨​K 🟨​K 💚​R 💚​R
🟨​ TestAccept/bundle/resources/permissions/jobs/destroy_without_mgmtperms/without_permissions 🟨​K 🟨​K 💚​R 💚​R 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🟨​ TestAccept/bundle/resources/permissions/jobs/destroy_without_mgmtperms/without_permissions/DATABRICKS_BUNDLE_ENGINE=direct 🟨​K 🟨​K 💚​R 💚​R
🟨​ TestAccept/bundle/resources/permissions/jobs/destroy_without_mgmtperms/without_permissions/DATABRICKS_BUNDLE_ENGINE=terraform 🟨​K 🟨​K 💚​R 💚​R
🙈​ TestAccept/bundle/resources/postgres_branches/basic 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🙈​ TestAccept/bundle/resources/postgres_branches/recreate 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🙈​ TestAccept/bundle/resources/postgres_branches/update_protected 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🙈​ TestAccept/bundle/resources/postgres_branches/without_branch_id 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🙈​ TestAccept/bundle/resources/postgres_endpoints/basic 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🙈​ TestAccept/bundle/resources/postgres_endpoints/recreate 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🙈​ TestAccept/bundle/resources/postgres_projects/update_display_name 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🙈​ TestAccept/bundle/resources/synced_database_tables/basic 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
❌​ TestAccept/bundle/resources/volumes/recreate 🙈​s 🙈​s ❌​F ❌​F 🙈​s 🙈​s ❌​F ❌​F 🙈​s 🙈​s
❌​ TestAccept/bundle/resources/volumes/recreate/DATABRICKS_BUNDLE_ENGINE=direct ❌​F ❌​F ❌​F ❌​F
❌​ TestAccept/bundle/resources/volumes/recreate/DATABRICKS_BUNDLE_ENGINE=terraform ❌​F ❌​F ❌​F ❌​F
❌​ TestAccept/ssh/connect-serverless-gpu 🙈​s 🙈​s ❌​F ✅​p 🙈​s 🙈​s ✅​p ✅​p 🙈​s 🙈​s
❌​ TestAccept/ssh/connect-serverless-gpu/DATABRICKS_BUNDLE_ENGINE=direct ❌​F ✅​p ✅​p ✅​p
🟨​ TestAccept/ssh/connection 💚​R 💚​R 🟨​K 💚​R 💚​R 💚​R 💚​R 💚​R 🔄​f 💚​R
❌​ TestAccept/ssh/connection/DATABRICKS_BUNDLE_ENGINE=direct ✅​p ✅​p ❌​F ✅​p ✅​p ✅​p ✅​p ✅​p 🔄​f ✅​p
❌​ TestSecretsPutSecretBytesValue ❌​F ✅​p 🙈​s 🙈​s ✅​p ✅​p ✅​p ✅​p ✅​p ✅​p
❌​ TestSecretsPutSecretStringValue ❌​F ✅​p 🙈​s 🙈​s ✅​p ✅​p ✅​p ✅​p ✅​p ✅​p
Top 21 slowest tests (at least 2 minutes):
duration env testname
3:50 azure-ucws linux TestAccept/ssh/connect-serverless-gpu/DATABRICKS_BUNDLE_ENGINE=direct
3:46 gcp linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
3:43 gcp linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
3:42 gcp windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
3:39 azure windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
3:38 gcp windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
3:21 azure-ucws linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
3:14 azure-ucws linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
3:11 aws-ucws linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
3:08 aws-ucws linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
2:55 aws linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
2:52 aws windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
2:52 azure linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
2:47 aws-ucws windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
2:45 aws linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
2:41 azure linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
2:38 azure-ucws windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
2:33 aws-ucws windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
2:24 aws windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
2:20 azure windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
2:13 azure-ucws windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jefferycheng1 jefferycheng1 Awaiting requested review from jefferycheng1 jefferycheng1 will be requested when the pull request is marked ready for review jefferycheng1 is a code owner

@kanterov kanterov Awaiting requested review from kanterov kanterov will be requested when the pull request is marked ready for review kanterov is a code owner

@lennartkats-db lennartkats-db Awaiting requested review from lennartkats-db lennartkats-db will be requested when the pull request is marked ready for review lennartkats-db is a code owner

@andrewnester andrewnester Awaiting requested review from andrewnester andrewnester will be requested when the pull request is marked ready for review andrewnester is a code owner

@anton-107 anton-107 Awaiting requested review from anton-107 anton-107 will be requested when the pull request is marked ready for review anton-107 is a code owner

@pietern pietern Awaiting requested review from pietern pietern will be requested when the pull request is marked ready for review pietern is a code owner

@shreyas-goenka shreyas-goenka Awaiting requested review from shreyas-goenka shreyas-goenka will be requested when the pull request is marked ready for review shreyas-goenka is a code owner

@simonfaltum simonfaltum Awaiting requested review from simonfaltum simonfaltum will be requested when the pull request is marked ready for review simonfaltum is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@denik @eng-dev-ecosystem-bot @pietern