fix: [3.0] preserve wildcard privilege in RBAC backup/restore by shaoting-huang · Pull Request #49012 · milvus-io/milvus

shaoting-huang · 2026-04-14T06:52:14Z

Catalog.RestoreRBAC routed IsAnyWord through the IsPrivilegeNameDefined /else branches and ended up calling PrivilegeGroupNameForMetastore(""), writing 'grantee-id//PrivilegeGroup'.
MetaTable.CheckIfRBACRestorable rejected wildcard grants with 'privilege [*] does not exist' before broadcastRestoreRBACV2 ever reached the catalog, so the catalog fix alone was unreachable on the in-process restore path.

issue: #48963
pr: #48978

sre-ci-robot · 2026-04-14T06:53:22Z

[INFO] PR Label Summary by Default
[FAILED] PR #48978 not merged

Title: fix: [RBAC] preserve wildcard privilege in RBAC backup/restore
Status: OPEN
Link: fix: [RBAC] preserve wildcard privilege in RBAC backup/restore #48978

[WARNING] Milestone not set

PR: fix: [3.0] preserve wildcard privilege in RBAC backup/restore #49012
Title: fix: [3.0] preserve wildcard privilege in RBAC backup/restore
Please set a milestone for better release tracking

You can set milestone by commenting:
/set-milestone
Example:
/set-milestone 2.5.0

Use /refresh-label to update related check and label manually

sre-ci-robot · 2026-04-14T06:53:24Z

[ci-v2-notice]
Notice: ci-v2 system is enabled for this PR (3.0 branch).

To rerun ci-v2 checks, comment with:

/ci-rerun-build-ut-cov // for ci-v2/build-ut-cov (build + unit tests)
/ci-rerun-e2e-amd // for ci-v2/e2e-amd (e2e tests)
/ci-rerun-gosdk // for ci-v2/go-sdk (Go SDK E2E tests)

If you have any questions or requests, please contact @zhikunyao.

sre-ci-robot · 2026-04-14T07:55:58Z

❌ CI Loop Results `5c2170d`

Stage	Result	Duration	Tests
✅ Build	SUCCESS	12.4min	-
❌ Code-Check	FAILURE	7.6min	-
❌ UT-CPP-Cov	FAILURE	44.3min	7070 run, 1 failed

Total: 59min | Pipeline | Artifacts

Failed Test Logs:

UT-CPP-Cov: view log

liliu-z · 2026-04-14T14:39:44Z

/lgtm
/approve

sre-ci-robot · 2026-04-14T14:40:27Z

[INFO] PR Label Summary by Default
[SUCCESS] PR #48978 merged to master

Title: fix: [RBAC] preserve wildcard privilege in RBAC backup/restore
Link: fix: [RBAC] preserve wildcard privilege in RBAC backup/restore #48978

[WARNING] Milestone not set

PR: fix: [3.0] preserve wildcard privilege in RBAC backup/restore #49012
Title: fix: [3.0] preserve wildcard privilege in RBAC backup/restore
Please set a milestone for better release tracking

You can set milestone by commenting:
/set-milestone
Example:
/set-milestone 2.5.0

Use /refresh-label to update related check and label manually

liliu-z

/lgtm
/approve

shaoting-huang · 2026-04-15T03:52:21Z

ci-rerun-build-ut-cov

sre-ci-robot · 2026-04-15T07:22:54Z

❌ CI Loop Results `5c2170d`

Stage	Result	Duration	Tests
✅ Build	SUCCESS	8.1min	-
❌ Code-Check	FAILURE	2.9min	-
✅ UT-CPP-Cov	SUCCESS	29.2min	7070 passed

Total: 39min | Pipeline | Artifacts

- Catalog.RestoreRBAC routed IsAnyWord through the IsPrivilegeNameDefined /else branches and ended up calling PrivilegeGroupNameForMetastore("*"), writing 'grantee-id/<id>/PrivilegeGroup*'. - MetaTable.CheckIfRBACRestorable rejected wildcard grants with 'privilege [*] does not exist' before broadcastRestoreRBACV2 ever reached the catalog, so the catalog fix alone was unreachable on the in-process restore path. issue: milvus-io#48963 Signed-off-by: shaoting-huang <shaoting.huang@zilliz.com> (cherry picked from commit b3211b1)

sre-ci-robot · 2026-04-16T11:48:33Z

[INFO] PR Label Summary by Default
[SUCCESS] PR #48978 merged to master

Title: fix: [RBAC] preserve wildcard privilege in RBAC backup/restore
Link: fix: [RBAC] preserve wildcard privilege in RBAC backup/restore #48978

Use /refresh-label to update related check and label manually

sre-ci-robot · 2026-04-16T12:45:23Z

✅ CI Loop Results `111b4cd`

Stage	Result	Duration	Tests
✅ Build	SUCCESS	8.0min	-
✅ Code-Check	SUCCESS	4.6min	-
✅ UT-GO	SUCCESS	15.5min	926 passed
✅ UT-Integration	SUCCESS	23.3min	46 passed
✅ UT-CPP-Cov	SUCCESS	30.8min	7070 passed

Total: 55min | Pipeline | Artifacts

liliu-z · 2026-04-17T02:32:33Z

/lgtm
/approve

sre-ci-robot · 2026-04-17T02:32:43Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: liliu-z, shaoting-huang

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

~~OWNERS~~ [liliu-z]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

sre-ci-robot · 2026-04-17T02:33:11Z

[INFO] PR Label Summary by Default
[SUCCESS] PR #48978 merged to master

Title: fix: [RBAC] preserve wildcard privilege in RBAC backup/restore
Link: fix: [RBAC] preserve wildcard privilege in RBAC backup/restore #48978

Use /refresh-label to update related check and label manually

sre-ci-robot requested review from cydrain and czs007 April 14, 2026 06:52

sre-ci-robot added the size/L Denotes a PR that changes 100-499 lines. label Apr 14, 2026

mergify bot added dco-passed DCO check passed. kind/bug Issues or changes related a bug labels Apr 14, 2026

sre-ci-robot added do-not-merge/need-merge-master-first any pr merge to release branch need to merge master first do-not-merge/need-milestone generate by v2-label-manager labels Apr 14, 2026

shaoting-huang removed the do-not-merge/need-merge-master-first any pr merge to release branch need to merge master first label Apr 14, 2026

sre-ci-robot assigned liliu-z Apr 14, 2026

sre-ci-robot added lgtm approved labels Apr 14, 2026

liliu-z reviewed Apr 15, 2026

View reviewed changes

shaoting-huang added this to the 3.0 milestone Apr 15, 2026

shaoting-huang removed the do-not-merge/need-milestone generate by v2-label-manager label Apr 15, 2026

shaoting-huang force-pushed the cp/48963-3.0 branch from 5c2170d to 111b4cd Compare April 16, 2026 11:47

sre-ci-robot removed the lgtm label Apr 16, 2026

mergify bot added the ci-passed label Apr 16, 2026

sre-ci-robot added the lgtm label Apr 17, 2026

sre-ci-robot merged commit b621ab9 into milvus-io:3.0 Apr 17, 2026
9 of 12 checks passed

Conversation

shaoting-huang commented Apr 14, 2026

Uh oh!

sre-ci-robot commented Apr 14, 2026

Uh oh!

sre-ci-robot commented Apr 14, 2026

Uh oh!

sre-ci-robot commented Apr 14, 2026

❌ CI Loop Results 5c2170d

Uh oh!

liliu-z commented Apr 14, 2026

Uh oh!

sre-ci-robot commented Apr 14, 2026

Uh oh!

liliu-z left a comment

Choose a reason for hiding this comment

Uh oh!

shaoting-huang commented Apr 15, 2026

Uh oh!

sre-ci-robot commented Apr 15, 2026

❌ CI Loop Results 5c2170d

Uh oh!

sre-ci-robot commented Apr 16, 2026

Uh oh!

sre-ci-robot commented Apr 16, 2026

✅ CI Loop Results 111b4cd

Uh oh!

liliu-z commented Apr 17, 2026

Uh oh!

sre-ci-robot commented Apr 17, 2026

Uh oh!

sre-ci-robot commented Apr 17, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

❌ CI Loop Results `5c2170d`

❌ CI Loop Results `5c2170d`

✅ CI Loop Results `111b4cd`