Ahjo

SQLAlchemy 2.0.2 support
SQLAlchemy version requirement was changed to 2.0.2. **This may affect existing ahjo projects**. More information about the changes required to migrate to SQLAlchemy 2.0 can be found here:

- [SQLAlchemy 2.0 - Major Migration Guide](https://docs.sqlalchemy.org/en/20/changelog/migration_20.html#migrating-to-sqlalchemy-2-0)
- [What’s New in SQLAlchemy 2.0?](https://docs.sqlalchemy.org/en/20/changelog/whatsnew_20.html)

Support for PyODBC connection string configuration
Added ability to configure the value of TrustServerCertificate and Encrypt in ODBC connection string.
In previous versions, these parameters were hard coded as `TrustServerCertificate=no` and `Encrypt=no`.

New (optional) variables in ahjo config:
- `odbc_trust_server_certificate` - Possible values: `yes` or `no`
- `odbc_encrypt` - Possible values: `yes` or `no`

Alembic 1.9.2 support
Alembic version requirement was changed to 1.9.2.

Change DefaultAzureCredential to AzureCliCredential

Simplified the workflow of obtaining an access token from [azure-identity](https://pypi.org/project/azure-identity/) library.
Changed Azure Identity authentication method from `DefaultAzureCredential` to `AzureCliCredential`.

Instructions for enabling azure identity authentication in ahjo:

1. Install [Azure CLI](https://learn.microsoft.com/en-us/cli/azure/install-azure-cli)
2. Set the config variable `azure_authentication` to `AzureIdentity`

Sign in interactively through your browser with the `az login` command.
If the login is successful, ahjo will use Azure credentials for creating an engine that connects to an Azure SQL database.

It should be noted that projects created with ahjo versions prior to 3.1.0 are not compatible with azure-identity based login. To make previously created ahjo projects compatible, you need to update the method `run_migrations_online` in `alembic/env.py` in the following way:


Old env.py
connectable = create_engine(du.create_sqlalchemy_url(conn_info))

New env.py
connectable = du.create_sqlalchemy_engine(
du.create_sqlalchemy_url(conn_info),
token = conn_info.get("token")
)

Support for connecting to databases with Azure Active Directory access tokens

Added ability to authenticate with [azure-identity library](https://pypi.org/project/azure-identity/). Azure specific dependencies can be installed with a new platform tag:

`pip install ahjo[azure]`

Ahjo authentication with azure-identity can be enabled by setting the config variable `azure_authentication` to `DefaultAzureCredential`. This setting provides a default TokenCredential authentication flow, defined in detail [here](https://learn.microsoft.com/en-us/dotnet/api/azure.identity.defaultazurecredential?view=azure-dotnet).

Managed identity client id and token url are defined in the ahjo settings as follows:

{
"BACKEND": {
...
"azure_authentication": "DefaultAzureCredential",
"azure_identity_settings": {
"managed_identity_client_id": "managed_identity_id_value", // The client ID of a user-assigned managed identity.
"token_url": "token_url_value" // (default: https://database.windows.net/.default)
}
...
},
...
}


It should be noted that projects created with previous ahjo versions are not compatible with azure-identity based login. To make previously created ahjo projects compatible, you need to update the method `run_migrations_online` in `alembic/env.py` in the following way:


Old env.py
connectable = create_engine(du.create_sqlalchemy_url(conn_info))

New env.py
connectable = du.create_sqlalchemy_engine(
du.create_sqlalchemy_url(conn_info),
conn_info.get("token")
)

Multi-project-build
With one command, you can run actions (or multi-actions) of multiple projects at once:

`ahjo-multi-project-build path/to/config.jsonc`

SQLAlchemy 2.0 support
Ahjo is now compatible with SQLAlchemy 2.0.

Improved error handling in data insert (MSSQL)
By default, set XACT_ABORT ON and NOCOUNT ON when inserting data with ahjo data command.

API key on pipelines running Safety
Added API key when running Safety.

Support for creating db permissions with sqlalchemy
Added new optional variables to config: `db_permissions` and `db_permission_invoke_method`. The SQL script in `database/create_db_permissions.sql` can be executed with sqlalchemy by setting `db_permission_invoke_method` to `sqlalchemy`.
The parameter `db_permissions` can be used if the script is located in a different file path or if it needs to include scripting variables, for example:

"db_permissions": [
{
"source": "./database/permissions/create_db_1_permissions.sql"
},
{
"source": "./database/permissions/create_db_2_permissions.sql",
"variables":
{
"VARIABLE_REF": "VARIABLE_VALUE"
}
}
],
"db_permission_invoke_method": "sqlalchemy" // Available options: "sqlcmd" (default) or "sqlalchemy"


In SQL files, scripting variables are referenced with syntax: `$(VARIABLE_REF)`.

Fix distutils deprecation warning
The distutils package is deprecated and slated for removal in Python 3.12. In this version, disutils copy_tree was changed to shutil copytree.

Update bitbucket pipeline to support Python 3.10
Change python 3.9 image to python 3.10.4.

Default action to drop obsolete database objects
Added a new master action: drop-obsolete.

Increase the length of columns in git_version table
Change the size of Repository and Branch columns to 255.

Enable Ahjo to use JSON as git version file format
From this version onwards, git version information can be retrieved from a json file. The path to the JSON file is specified by "git_version_info_path" configuration parameter. Git version file should contain three attributes: `repository`, `branch` and `commit`.

Calling URL() directly is deprecated
Calling URL() directly is deprecated in SQLAlchemy. In this version, Ahjo uses URL.create() to construct a URL programmatically.

Bug fix: Ahjo fails to update descriptions for table valued functions
Enable Ahjo to update description for table valued functions.

Bug fix: Incorrect padding error
Fix test: test_conn_info.py. Add pad characters at the end of Base64 string.

Bug fix: Running create-db-login can delete existing login for another database
Raise an exception if there exists a different database assigned to the given login name.

Bug fix: Function deploy_sqlfiles fails if directory is not found in data_src
Function sql_files_found returns empty list if directory is not found in data_src.