diff --git a/docs/index.md b/docs/index.md index 7badab2456..2c5f0f4ea6 100644 --- a/docs/index.md +++ b/docs/index.md @@ -347,6 +347,6 @@ provider "snowflake" { } ``` -## Currently deprecated resources + -## Currently deprecated datasources + diff --git a/examples/additional/deprecated_datasources.MD b/examples/additional/deprecated_datasources.MD index e499bf0630..393ab71209 100644 --- a/examples/additional/deprecated_datasources.MD +++ b/examples/additional/deprecated_datasources.MD @@ -1,2 +1,3 @@ -## Currently deprecated datasources + + diff --git a/examples/additional/deprecated_resources.MD b/examples/additional/deprecated_resources.MD index e7086c8327..3b52465691 100644 --- a/examples/additional/deprecated_resources.MD +++ b/examples/additional/deprecated_resources.MD @@ -1,2 +1,3 @@ -## Currently deprecated resources + + diff --git a/pkg/internal/tools/doc-gen-helper/main.go b/pkg/internal/tools/doc-gen-helper/main.go index 926975cc70..887dafbc56 100644 --- a/pkg/internal/tools/doc-gen-helper/main.go +++ b/pkg/internal/tools/doc-gen-helper/main.go @@ -71,18 +71,14 @@ func main() { } } - if len(deprecatedResources) > 0 { - err := printTo(DeprecatedResourcesTemplate, DeprecatedResourcesContext{deprecatedResources}, filepath.Join(additionalExamplesPath, deprecatedResourcesFilename)) - if err != nil { - log.Println(err) - } + err := printTo(DeprecatedResourcesTemplate, DeprecatedResourcesContext{deprecatedResources}, filepath.Join(additionalExamplesPath, deprecatedResourcesFilename)) + if err != nil { + log.Fatal(err) } - if len(deprecatedDatasources) > 0 { - err := printTo(DeprecatedDatasourcesTemplate, DeprecatedDatasourcesContext{deprecatedDatasources}, filepath.Join(additionalExamplesPath, deprecatedDatasourcesFilename)) - if err != nil { - log.Println(err) - } + err = printTo(DeprecatedDatasourcesTemplate, DeprecatedDatasourcesContext{deprecatedDatasources}, filepath.Join(additionalExamplesPath, deprecatedDatasourcesFilename)) + if err != nil { + log.Fatal(err) } } diff --git a/pkg/internal/tools/doc-gen-helper/templates.go b/pkg/internal/tools/doc-gen-helper/templates.go index d4dbc16f86..7121145a68 100644 --- a/pkg/internal/tools/doc-gen-helper/templates.go +++ b/pkg/internal/tools/doc-gen-helper/templates.go @@ -3,7 +3,8 @@ package main import "text/template" var DeprecatedResourcesTemplate, _ = template.New("deprecatedResourcesTemplate").Parse( - `## Currently deprecated resources + ` +{{if gt (len .Resources) 0}} ## Currently deprecated resources {{end}} {{ range .Resources -}} - {{ .NameRelativeLink }}{{ if .ReplacementRelativeLink }} - use {{ .ReplacementRelativeLink }} instead{{ end }} @@ -11,7 +12,8 @@ var DeprecatedResourcesTemplate, _ = template.New("deprecatedResourcesTemplate") ) var DeprecatedDatasourcesTemplate, _ = template.New("deprecatedDatasourcesTemplate").Parse( - `## Currently deprecated datasources + ` +{{if gt (len .Datasources) 0}} ## Currently deprecated data sources {{end}} {{ range .Datasources -}} - {{ .NameRelativeLink }}{{ if .ReplacementRelativeLink }} - use {{ .ReplacementRelativeLink }} instead{{ end }} diff --git a/pkg/resources/database_state_upgraders.go b/pkg/resources/database_state_upgraders.go index c21838d45f..91bcd24c1a 100644 --- a/pkg/resources/database_state_upgraders.go +++ b/pkg/resources/database_state_upgraders.go @@ -17,16 +17,15 @@ func v092DatabaseStateUpgrader(ctx context.Context, rawState map[string]any, met } if v, ok := rawState["from_share"]; ok && v != nil && len(v.(map[string]any)) > 0 { - // TODO: modify here? - return nil, fmt.Errorf("failed to upgrade the state with database created from share, please use snowflake_shared_database or deprecated snowflake_database_old instead") + return nil, fmt.Errorf("failed to upgrade the state with database created from share, please use snowflake_shared_database instead") } if v, ok := rawState["from_replica"]; ok && v != nil && len(v.(string)) > 0 { - return nil, fmt.Errorf("failed to upgrade the state with database created from replica, please use snowflake_secondary_database or deprecated snowflake_database_old instead") + return nil, fmt.Errorf("failed to upgrade the state with database created from replica, please use snowflake_secondary_database instead") } if v, ok := rawState["from_database"]; ok && v != nil && len(v.(string)) > 0 { - return nil, fmt.Errorf("failed to upgrade the state with database created from database, please use snowflake_database or deprecated snowflake_database_old instead. Dislaimer: Right now, database cloning is not supported. They can be imported into mentioned resources, but any differetnce in behavior from standard database won't be handled (and can result in errors)") + return nil, fmt.Errorf("failed to upgrade the state with database created from database, please use snowflake_database instead. Dislaimer: Right now, database cloning is not supported. They can be imported into the mentioned resource, but any differetnce in behavior from standard database won't be handled (and can result in errors)") } if replicationConfigurations, ok := rawState["replication_configuration"]; ok && len(replicationConfigurations.([]any)) == 1 { diff --git a/pkg/resources/manual_tests/upgrade_cloned_database/step_2.tf b/pkg/resources/manual_tests/upgrade_cloned_database/step_2.tf index f6446ce3a2..eb556b849e 100644 --- a/pkg/resources/manual_tests/upgrade_cloned_database/step_2.tf +++ b/pkg/resources/manual_tests/upgrade_cloned_database/step_2.tf @@ -1,6 +1,6 @@ # Commands to run # - terraform init - upgrade -# - terraform plan (should observe upgrader errors similar to: failed to upgrade the state with database created from database, please use snowflake_database or deprecated snowflake_database_old instead...) +# - terraform plan (should observe upgrader errors similar to: failed to upgrade the state with database created from database, please use snowflake_database instead...) # - terraform state rm snowflake_database.cloned (remove cloned database from the state) terraform { @@ -15,12 +15,12 @@ terraform { provider "snowflake" {} resource "snowflake_database" "test" { - name = "test" + name = "test" data_retention_time_in_days = 0 # to avoid in-place update to -1 } resource "snowflake_database" "cloned" { - name = "cloned" - from_database = snowflake_database.test.name + name = "cloned" + from_database = snowflake_database.test.name data_retention_time_in_days = 0 # to avoid in-place update to -1 } diff --git a/pkg/resources/manual_tests/upgrade_secondary_database/step_2.tf b/pkg/resources/manual_tests/upgrade_secondary_database/step_2.tf index 599e971a51..1f48b0e6ae 100644 --- a/pkg/resources/manual_tests/upgrade_secondary_database/step_2.tf +++ b/pkg/resources/manual_tests/upgrade_secondary_database/step_2.tf @@ -1,6 +1,6 @@ # Commands to run # - terraform init - upgrade -# - terraform plan (should observe upgrader errors similar to: failed to upgrade the state with database created from replica, please use snowflake_secondary_database or deprecated snowflake_database_old instead) +# - terraform plan (should observe upgrader errors similar to: failed to upgrade the state with database created from replica, please use snowflake_secondary_database instead) # - terraform state rm snowflake_database.secondary (remove secondary database from the state) terraform { @@ -16,12 +16,12 @@ provider "snowflake" {} provider "snowflake" { profile = "secondary_test_account" - alias = second_account + alias = second_account } resource "snowflake_database" "primary" { - provider = snowflake.second_account - name = "test" + provider = snowflake.second_account + name = "test" data_retention_time_in_days = 0 # to avoid in-place update to -1 replication_configuration { accounts = [""] # TODO: Replace @@ -30,7 +30,7 @@ resource "snowflake_database" "primary" { } resource "snowflake_database" "secondary" { - name = "test" - data_retention_time_in_days = 0 # to avoid in-place update to -1 - from_replica = ".\"${snowflake_database.primary.name}\"" # TODO: Replace + name = "test" + data_retention_time_in_days = 0 # to avoid in-place update to -1 + from_replica = ".\"${snowflake_database.primary.name}\"" # TODO: Replace } diff --git a/pkg/resources/manual_tests/upgrade_shared_database/step_2.tf b/pkg/resources/manual_tests/upgrade_shared_database/step_2.tf index 67711b2879..0ab2f37c8c 100644 --- a/pkg/resources/manual_tests/upgrade_shared_database/step_2.tf +++ b/pkg/resources/manual_tests/upgrade_shared_database/step_2.tf @@ -1,7 +1,6 @@ -// TODO: check if we can omit deprecated objects in migration upgraders # Commands to run # - terraform init - upgrade -# - terraform plan (should observe upgrader errors similar to: failed to upgrade the state with database created from share, please use snowflake_shared_database or deprecated snowflake_database_old instead) +# - terraform plan (should observe upgrader errors similar to: failed to upgrade the state with database created from share, please use snowflake_shared_database instead) # - terraform state rm snowflake_database.from_share (remove shared database from the state) terraform { diff --git a/pkg/snowflake/external_oauth_integration.go b/pkg/snowflake/external_oauth_integration.go deleted file mode 100644 index 80a7c45786..0000000000 --- a/pkg/snowflake/external_oauth_integration.go +++ /dev/null @@ -1,165 +0,0 @@ -package snowflake - -import ( - "database/sql" - "fmt" - "reflect" - - "github.com/jmoiron/sqlx" -) - -type ExternalOauthType string - -const ( - Okta ExternalOauthType = "OKTA" - Azure ExternalOauthType = "AZURE" - PingFederate ExternalOauthType = "PING_FEDERATE" - Custom ExternalOauthType = "CUSTOM" -) - -type SFUserMappingAttribute string - -const ( - LoginName SFUserMappingAttribute = "LOGIN_NAME" - EmailAddress SFUserMappingAttribute = "EMAIL_ADDRESS" -) - -type AnyRoleMode string - -const ( - Disable AnyRoleMode = "DISABLE" - Enable AnyRoleMode = "ENABLE" - EnableForPrivilege AnyRoleMode = "ENABLE_FOR_PRIVILEGE" -) - -type ExternalOauthIntegration3 struct { - TopLevelIdentifier - - Type string `pos:"parameter" db:"type"` - TypeOk bool - Enabled bool `pos:"parameter" db:"enabled"` - EnabledOk bool - ExternalOauthType ExternalOauthType `pos:"parameter" db:"EXTERNAL_OAUTH_TYPE"` - ExternalOauthTypeOk bool - ExternalOauthIssuer string `pos:"parameter" db:"EXTERNAL_OAUTH_ISSUER"` - ExternalOauthIssuerOk bool - ExternalOauthTokenUserMappingClaim []string `pos:"parameter" db:"EXTERNAL_OAUTH_TOKEN_USER_MAPPING_CLAIM"` - ExternalOauthTokenUserMappingClaimOk bool - ExternalOauthSnowflakeUserMappingAttribute SFUserMappingAttribute `pos:"parameter" db:"EXTERNAL_OAUTH_SNOWFLAKE_USER_MAPPING_ATTRIBUTE"` - ExternalOauthSnowflakeUserMappingAttributeOk bool - ExternalOauthJwsKeysURL []string `pos:"parameter" db:"EXTERNAL_OAUTH_JWS_KEYS_URL"` - ExternalOauthJwsKeysURLOk bool - ExternalOauthBlockedRolesList []string `pos:"parameter" db:"EXTERNAL_OAUTH_BLOCKED_ROLES_LIST"` - ExternalOauthBlockedRolesListOk bool - ExternalOauthAllowedRolesList []string `pos:"parameter" db:"EXTERNAL_OAUTH_ALLOWED_ROLES_LIST"` - ExternalOauthAllowedRolesListOk bool - ExternalOauthRsaPublicKey string `pos:"parameter" db:"EXTERNAL_OAUTH_RSA_PUBLIC_KEY"` - ExternalOauthRsaPublicKeyOk bool - ExternalOauthRsaPublicKey2 string `pos:"parameter" db:"EXTERNAL_OAUTH_RSA_PUBLIC_KEY_2"` - ExternalOauthRsaPublicKey2Ok bool - ExternalOauthAudienceList []string `pos:"parameter" db:"EXTERNAL_OAUTH_AUDIENCE_LIST"` - ExternalOauthAudienceListOk bool - ExternalOauthAnyRoleMode AnyRoleMode `pos:"parameter" db:"EXTERNAL_OAUTH_ANY_ROLE_MODE"` - ExternalOauthAnyRoleModeOk bool - ExternalOauthScopeDelimiter string `pos:"parameter" db:"EXTERNAL_OAUTH_SCOPE_DELIMITER"` - ExternalOauthScopeDelimiterOk bool - ExternalOauthScopeMappingAttribute string `pos:"parameter" db:"EXTERNAL_OAUTH_SCOPE_MAPPING_ATTRIBUTE"` - ExternalOauthScopeMappingAttributeOk bool - - Comment sql.NullString `pos:"parameter" db:"comment"` - CommentOk bool -} - -type ExternalOauthIntegration3Manager struct { - BaseManager -} - -func NewExternalOauthIntegration3Manager() (*ExternalOauthIntegration3Manager, error) { - sqlBuilder, err := newSQLBuilder( - "SECURITY INTEGRATION", - "SECURITY INTEGRATIONS", - reflect.TypeOf(ExternalOauthIntegration3CreateInput{}), - reflect.TypeOf(ExternalOauthIntegration3UpdateInput{}), - reflect.TypeOf(ExternalOauthIntegration3UpdateInput{}), - reflect.TypeOf(ExternalOauthIntegration3DeleteInput{}), - reflect.TypeOf(ExternalOauthIntegration3ReadOutput{}), - ) - if err != nil { - return nil, err - } - - return &ExternalOauthIntegration3Manager{ - BaseManager: BaseManager{ - sqlBuilder: *sqlBuilder, - }, - }, nil -} - -type ExternalOauthIntegration3CreateInput struct { - ExternalOauthIntegration3 - - OrReplace bool `pos:"beforeObjectType" value:"OR REPLACE"` - OrReplaceOk bool - IfNotExists bool `pos:"afterObjectType" value:"IF NOT EXISTS"` - IfNotExistsOk bool -} - -func (m *ExternalOauthIntegration3Manager) Create(x *ExternalOauthIntegration3CreateInput) (string, error) { - return m.sqlBuilder.Create(x) -} - -type ( - ExternalOauthIntegration3ReadInput = TopLevelIdentifier - ExternalOauthIntegration3ReadOutput = ExternalOauthIntegration3 -) - -func (m *ExternalOauthIntegration3Manager) ReadDescribe(x *ExternalOauthIntegration3ReadInput) (string, error) { - return m.sqlBuilder.Describe(x) -} - -func (m *ExternalOauthIntegration3Manager) ParseDescribe(rows *sql.Rows) (*ExternalOauthIntegration3ReadOutput, error) { - output := &ExternalOauthIntegration3ReadOutput{} - err := m.sqlBuilder.ParseDescribe(rows, output) - if err != nil { - return nil, err - } - return output, nil -} - -func (m *ExternalOauthIntegration3Manager) ReadShow(x *ExternalOauthIntegration3ReadInput) (string, error) { - return m.sqlBuilder.ShowLike(x) -} - -func (m *ExternalOauthIntegration3Manager) ParseShow(row *sqlx.Row) (*ExternalOauthIntegration3ReadOutput, error) { - result := &ExternalOauthIntegration3{} - if err := row.StructScan(result); err != nil { - return nil, fmt.Errorf("error scanning result: %w", err) - } - return result, nil -} - -type ExternalOauthIntegration3UpdateInput struct { - ExternalOauthIntegration3 - - IfExists bool `pos:"afterObjectType" value:"IF EXISTS"` - IfExistsOk bool -} - -func (m *ExternalOauthIntegration3Manager) Update(x *ExternalOauthIntegration3UpdateInput) (string, error) { - return m.sqlBuilder.Alter(x) -} - -func (m *ExternalOauthIntegration3Manager) Unset(x *ExternalOauthIntegration3UpdateInput) (string, error) { - return m.sqlBuilder.Unset(x) -} - -type ExternalOauthIntegration3DeleteInput struct { - TopLevelIdentifier - - IfExists bool `pos:"afterObjectType" value:"IF EXISTS"` - IfExistsOk bool -} - -func (m *ExternalOauthIntegration3Manager) Delete(x *ExternalOauthIntegration3DeleteInput) (string, error) { - return m.sqlBuilder.Drop(x) -} diff --git a/pkg/snowflake/external_oauth_integration_test.go b/pkg/snowflake/external_oauth_integration_test.go deleted file mode 100644 index c14d28e907..0000000000 --- a/pkg/snowflake/external_oauth_integration_test.go +++ /dev/null @@ -1,124 +0,0 @@ -package snowflake_test - -import ( - "testing" - - "github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/snowflake" - "github.com/stretchr/testify/require" -) - -func TestCreateExternalOauthIntegration3(t *testing.T) { - r := require.New(t) - - input := &snowflake.ExternalOauthIntegration3CreateInput{ - ExternalOauthIntegration3: snowflake.ExternalOauthIntegration3{ - TopLevelIdentifier: snowflake.TopLevelIdentifier{ - Name: "azure", - }, - Type: "EXTERNAL_OAUTH", - TypeOk: true, - ExternalOauthType: "AZURE", - ExternalOauthTypeOk: true, - }, - } - - mb, err := snowflake.NewExternalOauthIntegration3Manager() - r.Nil(err) - createStmt, err := mb.Create(input) - r.Nil(err) - r.Equal(`CREATE SECURITY INTEGRATION "azure" type = 'EXTERNAL_OAUTH' EXTERNAL_OAUTH_TYPE = 'AZURE';`, createStmt) -} - -func TestAlterExternalOauthIntegration3(t *testing.T) { - r := require.New(t) - - input := &snowflake.ExternalOauthIntegration3UpdateInput{ - ExternalOauthIntegration3: snowflake.ExternalOauthIntegration3{ - TopLevelIdentifier: snowflake.TopLevelIdentifier{ - Name: "azure", - }, - ExternalOauthIssuer: "someissuer", - ExternalOauthIssuerOk: true, - ExternalOauthBlockedRolesList: []string{"a", "b"}, - ExternalOauthBlockedRolesListOk: true, - }, - - IfExists: true, - IfExistsOk: true, - } - - mb, err := snowflake.NewExternalOauthIntegration3Manager() - r.Nil(err) - alterStmt, err := mb.Update(input) - r.Nil(err) - r.Equal( - `ALTER SECURITY INTEGRATION IF EXISTS "azure" SET EXTERNAL_OAUTH_ISSUER = 'someissuer' EXTERNAL_OAUTH_BLOCKED_ROLES_LIST = ('a', 'b');`, - alterStmt, - ) -} - -func TestUnsetExternalOauthIntegration3(t *testing.T) { - r := require.New(t) - - input := &snowflake.ExternalOauthIntegration3UpdateInput{ - ExternalOauthIntegration3: snowflake.ExternalOauthIntegration3{ - TopLevelIdentifier: snowflake.TopLevelIdentifier{ - Name: "azure", - }, - ExternalOauthTokenUserMappingClaimOk: true, - }, - } - - mb, err := snowflake.NewExternalOauthIntegration3Manager() - r.Nil(err) - unsetStmt, err := mb.Unset(input) - r.Nil(err) - r.Equal( - `ALTER SECURITY INTEGRATION "azure" UNSET EXTERNAL_OAUTH_TOKEN_USER_MAPPING_CLAIM;`, - unsetStmt, - ) -} - -func TestDeleteExternalOauthIntegration3(t *testing.T) { - r := require.New(t) - - input := &snowflake.ExternalOauthIntegration3DeleteInput{ - TopLevelIdentifier: snowflake.TopLevelIdentifier{ - Name: "azure", - }, - } - - mb, err := snowflake.NewExternalOauthIntegration3Manager() - r.Nil(err) - dropStmt, err := mb.Delete(input) - r.Nil(err) - r.Equal(`DROP SECURITY INTEGRATION "azure";`, dropStmt) -} - -func TestReadDescribeExternalOauthIntegration3(t *testing.T) { - r := require.New(t) - - input := &snowflake.ExternalOauthIntegration3ReadInput{ - Name: "azure", - } - - mb, err := snowflake.NewExternalOauthIntegration3Manager() - r.Nil(err) - describeStmt, err := mb.ReadDescribe(input) - r.Nil(err) - r.Equal(`DESCRIBE SECURITY INTEGRATION "azure";`, describeStmt) -} - -func TestReadShowExternalOauthIntegration3(t *testing.T) { - r := require.New(t) - - input := &snowflake.ExternalOauthIntegration3ReadInput{ - Name: "azure", - } - - mb, err := snowflake.NewExternalOauthIntegration3Manager() - r.Nil(err) - describeStmt, err := mb.ReadShow(input) - r.Nil(err) - r.Equal(`SHOW SECURITY INTEGRATIONS LIKE 'azure';`, describeStmt) -} diff --git a/pkg/snowflake/masking_policy.go b/pkg/snowflake/masking_policy.go deleted file mode 100644 index 0037a6ac7a..0000000000 --- a/pkg/snowflake/masking_policy.go +++ /dev/null @@ -1,52 +0,0 @@ -package snowflake - -import ( - "fmt" - "strings" -) - -// MaskingPolicyBuilder abstracts the creation of SQL queries for a Snowflake Masking Policy. -type MaskingPolicyBuilder struct { - name string - db string - schema string -} - -// QualifiedName prepends the db and schema if set and escapes everything nicely. -func (mpb *MaskingPolicyBuilder) QualifiedName() string { - var n strings.Builder - - if mpb.db != "" && mpb.schema != "" { - n.WriteString(fmt.Sprintf(`"%v"."%v".`, mpb.db, mpb.schema)) - } - - if mpb.db != "" && mpb.schema == "" { - n.WriteString(fmt.Sprintf(`"%v"..`, mpb.db)) - } - - if mpb.db == "" && mpb.schema != "" { - n.WriteString(fmt.Sprintf(`"%v".`, mpb.schema)) - } - - n.WriteString(fmt.Sprintf(`"%v"`, mpb.name)) - - return n.String() -} - -// MaskingPolicy returns a pointer to a Builder that abstracts the DDL operations for a masking policy. -// -// Supported DDL operations are: -// - CREATE MASKING POLICY -// - ALTER MASKING POLICY -// - DROP MASKING POLICY -// - SHOW MASKING POLICIES -// - DESCRIBE MASKING POLICY -// -// [Snowflake Reference](https://docs.snowflake.com/en/user-guide/security-column-ddm.html) -func MaskingPolicy(name, db, schema string) *MaskingPolicyBuilder { - return &MaskingPolicyBuilder{ - name: name, - db: db, - schema: schema, - } -} diff --git a/pkg/snowflake/oauth_integration.go b/pkg/snowflake/oauth_integration.go deleted file mode 100644 index 503500732b..0000000000 --- a/pkg/snowflake/oauth_integration.go +++ /dev/null @@ -1,69 +0,0 @@ -package snowflake - -import ( - "database/sql" - "errors" - "fmt" - "log" - - "github.com/jmoiron/sqlx" -) - -// OAuthIntegration returns a pointer to a Builder that abstracts the DDL operations for an api integration. -// -// Supported DDL operations are: -// - CREATE SECURITY INTEGRATION -// - ALTER SECURITY INTEGRATION -// - DROP INTEGRATION -// - SHOW INTEGRATIONS -// - DESCRIBE INTEGRATION -// -// [Snowflake Reference](https://docs.snowflake.com/en/sql-reference/ddl-user-security.html#security-integrations) -func NewOAuthIntegrationBuilder(name string) *Builder { - return &Builder{ - entityType: SecurityIntegrationType, - name: name, - } -} - -type OauthIntegration struct { - Name sql.NullString `db:"name"` - Category sql.NullString `db:"category"` - IntegrationType sql.NullString `db:"type"` - Enabled sql.NullBool `db:"enabled"` - Comment sql.NullString `db:"comment"` - CreatedOn sql.NullString `db:"created_on"` -} - -func ScanOAuthIntegration(row *sqlx.Row) (*OauthIntegration, error) { - r := &OauthIntegration{} - if err := row.StructScan(r); err != nil { - return nil, fmt.Errorf("error scanning struct err = %w", err) - } - return r, nil -} - -func ListIntegrations(db *sql.DB) ([]OauthIntegration, error) { - stmt := "SHOW INTEGRATIONS" - rows, err := db.Query(stmt) - if err != nil { - return nil, err - } - - defer rows.Close() - - r := []OauthIntegration{} - if err := sqlx.StructScan(rows, &r); err != nil { - if errors.Is(err, sql.ErrNoRows) { - log.Println("[DEBUG] no integrations found") - return nil, nil - } - return r, fmt.Errorf("failed to scan row for %s err = %w", stmt, err) - } - return r, nil -} - -func DropIntegration(db *sql.DB, name string) error { - stmt := NewOAuthIntegrationBuilder(name).Drop() - return Exec(db, stmt) -} diff --git a/pkg/snowflake/oauth_integration_test.go b/pkg/snowflake/oauth_integration_test.go deleted file mode 100644 index 144c8a6740..0000000000 --- a/pkg/snowflake/oauth_integration_test.go +++ /dev/null @@ -1,29 +0,0 @@ -package snowflake_test - -import ( - "testing" - - "github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/snowflake" - "github.com/stretchr/testify/require" -) - -func TestOAuthIntegration(t *testing.T) { - r := require.New(t) - builder := snowflake.NewOAuthIntegrationBuilder("tableau_desktop") - r.NotNil(builder) - - q := builder.Show() - r.Equal("SHOW SECURITY INTEGRATIONS LIKE 'tableau_desktop'", q) - - q = builder.Describe() - r.Equal("DESCRIBE SECURITY INTEGRATION \"tableau_desktop\"", q) - - c := builder.Create() - c.SetRaw(`TYPE=oauth`) - c.SetString(`oauth_client`, "tableau_desktop") - q = c.Statement() - r.Equal(`CREATE SECURITY INTEGRATION "tableau_desktop" TYPE=oauth OAUTH_CLIENT='tableau_desktop'`, q) - - e := builder.Drop() - r.Equal(`DROP SECURITY INTEGRATION "tableau_desktop"`, e) -} diff --git a/pkg/snowflake/saml_integration.go b/pkg/snowflake/saml_integration.go deleted file mode 100644 index a88d09ae74..0000000000 --- a/pkg/snowflake/saml_integration.go +++ /dev/null @@ -1,41 +0,0 @@ -package snowflake - -import ( - "database/sql" - "fmt" - - "github.com/jmoiron/sqlx" -) - -// SamlIntegration returns a pointer to a Builder that abstracts the DDL operations for a SAML2 integration. -// -// Supported DDL operations are: -// - CREATE SECURITY INTEGRATION -// - ALTER SECURITY INTEGRATION -// - DROP INTEGRATION -// - SHOW INTEGRATIONS -// - DESCRIBE INTEGRATION -// -// [Snowflake Reference](https://docs.snowflake.com/en/sql-reference/ddl-user-security.html#security-integrations) -func NewSamlIntegrationBuilder(name string) *Builder { - return &Builder{ - entityType: SecurityIntegrationType, - name: name, - } -} - -type SamlIntegration struct { - Name sql.NullString `db:"name"` - Category sql.NullString `db:"category"` - IntegrationType sql.NullString `db:"type"` - CreatedOn sql.NullString `db:"created_on"` - Enabled sql.NullBool `db:"enabled"` -} - -func ScanSamlIntegration(row *sqlx.Row) (*SamlIntegration, error) { - r := &SamlIntegration{} - if err := row.StructScan(r); err != nil { - return r, fmt.Errorf("error scanning struct err = %w", err) - } - return r, nil -} diff --git a/pkg/snowflake/saml_integration_test.go b/pkg/snowflake/saml_integration_test.go deleted file mode 100644 index 27f064fb22..0000000000 --- a/pkg/snowflake/saml_integration_test.go +++ /dev/null @@ -1,43 +0,0 @@ -package snowflake_test - -import ( - "testing" - - "github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/snowflake" - "github.com/stretchr/testify/require" -) - -func TestSamlIntegration(t *testing.T) { - r := require.New(t) - builder := snowflake.NewSamlIntegrationBuilder("test_saml_integration") - r.NotNil(builder) - - q := builder.Show() - r.Equal("SHOW SECURITY INTEGRATIONS LIKE 'test_saml_integration'", q) - - q = builder.Describe() - r.Equal("DESCRIBE SECURITY INTEGRATION \"test_saml_integration\"", q) - - c := builder.Create() - c.SetRaw(`TYPE=SAML2`) - c.SetString(`saml2_issuer`, "test_issuer") - c.SetString(`saml2_sso_url`, "https://testsamlissuer.com") - c.SetString(`saml2_provider`, "CUSTOM") - c.SetString(`saml2_x509_cert`, "MIICYzCCAcygAwIBAgIBADANBgkqhkiG9w0BAQUFADAuMQswCQYDVQQGEwJVUzEMMAoGA1UEChMDSUJNMREwDwYDVQQLEwhMb2NhbCBDQTAeFw05OTEyMjIwNTAwMDBaFw0wMDEyMjMwNDU5NTlaMC4xCzAJBgNVBAYTAlVTMQwwCgYDVQQKEwNJQk0xETAPBgNVBAsTCExvY2FsIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD2bZEo7xGaX2/0GHkrNFZvlxBou9v1Jmt/PDiTMPve8r9FeJAQ0QdvFST/0JPQYD20rH0bimdDLgNdNynmyRoS2S/IInfpmf69iyc2G0TPyRvmHIiOZbdCd+YBHQi1adkj17NDcWj6S14tVurFX73zx0sNoMS79q3tuXKrDsxeuwIDAQABo4GQMIGNMEsGCVUdDwGG+EIBDQQ+EzxHZW5lcmF0ZWQgYnkgdGhlIFNlY3VyZVdheSBTZWN1cml0eSBTZXJ2ZXIgZm9yIE9TLzM5MCAoUkFDRikwDgYDVR0PAQH/BAQDAgAGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFJ3+ocRyCTJw067dLSwr/nalx6YMMA0GCSqGSIb3DQEBBQUAA4GBAMaQzt+zaj1GU77yzlr8iiMBXgdQrwsZZWJo5exnAucJAEYQZmOfyLiMD6oYq+ZnfvM0n8G/Y79q8nhwvuxpYOnRSAXFp6xSkrIOeZtJMY1h00LKp/JX3Ng1svZ2agE126JHsQ0bhzN5TKsYfbwfTwfjdWAGy6Vf1nYi/rO+ryMO") - c.SetBool(`enabled`, true) - q = c.Statement() - r.Equal(`CREATE SECURITY INTEGRATION "test_saml_integration" TYPE=SAML2 SAML2_ISSUER='test_issuer' SAML2_PROVIDER='CUSTOM' SAML2_SSO_URL='https://testsamlissuer.com' SAML2_X509_CERT='MIICYzCCAcygAwIBAgIBADANBgkqhkiG9w0BAQUFADAuMQswCQYDVQQGEwJVUzEMMAoGA1UEChMDSUJNMREwDwYDVQQLEwhMb2NhbCBDQTAeFw05OTEyMjIwNTAwMDBaFw0wMDEyMjMwNDU5NTlaMC4xCzAJBgNVBAYTAlVTMQwwCgYDVQQKEwNJQk0xETAPBgNVBAsTCExvY2FsIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD2bZEo7xGaX2/0GHkrNFZvlxBou9v1Jmt/PDiTMPve8r9FeJAQ0QdvFST/0JPQYD20rH0bimdDLgNdNynmyRoS2S/IInfpmf69iyc2G0TPyRvmHIiOZbdCd+YBHQi1adkj17NDcWj6S14tVurFX73zx0sNoMS79q3tuXKrDsxeuwIDAQABo4GQMIGNMEsGCVUdDwGG+EIBDQQ+EzxHZW5lcmF0ZWQgYnkgdGhlIFNlY3VyZVdheSBTZWN1cml0eSBTZXJ2ZXIgZm9yIE9TLzM5MCAoUkFDRikwDgYDVR0PAQH/BAQDAgAGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFJ3+ocRyCTJw067dLSwr/nalx6YMMA0GCSqGSIb3DQEBBQUAA4GBAMaQzt+zaj1GU77yzlr8iiMBXgdQrwsZZWJo5exnAucJAEYQZmOfyLiMD6oYq+ZnfvM0n8G/Y79q8nhwvuxpYOnRSAXFp6xSkrIOeZtJMY1h00LKp/JX3Ng1svZ2agE126JHsQ0bhzN5TKsYfbwfTwfjdWAGy6Vf1nYi/rO+ryMO' ENABLED=true`, q) - - d := builder.Alter() - d.SetRaw(`TYPE=SAML2`) - d.SetString(`saml2_issuer`, "test_issuer") - d.SetString(`saml2_sso_url`, "https://testsamlissuer.com") - d.SetString(`saml2_provider`, "CUSTOM") - d.SetString(`saml2_x509_cert`, "MIICYzCCAcygAwIBAgIBADANBgkqhkiG9w0BAQUFADAuMQswCQYDVQQGEwJVUzEMMAoGA1UEChMDSUJNMREwDwYDVQQLEwhMb2NhbCBDQTAeFw05OTEyMjIwNTAwMDBaFw0wMDEyMjMwNDU5NTlaMC4xCzAJBgNVBAYTAlVTMQwwCgYDVQQKEwNJQk0xETAPBgNVBAsTCExvY2FsIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD2bZEo7xGaX2/0GHkrNFZvlxBou9v1Jmt/PDiTMPve8r9FeJAQ0QdvFST/0JPQYD20rH0bimdDLgNdNynmyRoS2S/IInfpmf69iyc2G0TPyRvmHIiOZbdCd+YBHQi1adkj17NDcWj6S14tVurFX73zx0sNoMS79q3tuXKrDsxeuwIDAQABo4GQMIGNMEsGCVUdDwGG+EIBDQQ+EzxHZW5lcmF0ZWQgYnkgdGhlIFNlY3VyZVdheSBTZWN1cml0eSBTZXJ2ZXIgZm9yIE9TLzM5MCAoUkFDRikwDgYDVR0PAQH/BAQDAgAGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFJ3+ocRyCTJw067dLSwr/nalx6YMMA0GCSqGSIb3DQEBBQUAA4GBAMaQzt+zaj1GU77yzlr8iiMBXgdQrwsZZWJo5exnAucJAEYQZmOfyLiMD6oYq+ZnfvM0n8G/Y79q8nhwvuxpYOnRSAXFp6xSkrIOeZtJMY1h00LKp/JX3Ng1svZ2agE126JHsQ0bhzN5TKsYfbwfTwfjdWAGy6Vf1nYi/rO+ryMO") - d.SetBool(`enabled`, false) - q = d.Statement() - r.Equal(`ALTER SECURITY INTEGRATION "test_saml_integration" SET TYPE=SAML2 SAML2_ISSUER='test_issuer' SAML2_PROVIDER='CUSTOM' SAML2_SSO_URL='https://testsamlissuer.com' SAML2_X509_CERT='MIICYzCCAcygAwIBAgIBADANBgkqhkiG9w0BAQUFADAuMQswCQYDVQQGEwJVUzEMMAoGA1UEChMDSUJNMREwDwYDVQQLEwhMb2NhbCBDQTAeFw05OTEyMjIwNTAwMDBaFw0wMDEyMjMwNDU5NTlaMC4xCzAJBgNVBAYTAlVTMQwwCgYDVQQKEwNJQk0xETAPBgNVBAsTCExvY2FsIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD2bZEo7xGaX2/0GHkrNFZvlxBou9v1Jmt/PDiTMPve8r9FeJAQ0QdvFST/0JPQYD20rH0bimdDLgNdNynmyRoS2S/IInfpmf69iyc2G0TPyRvmHIiOZbdCd+YBHQi1adkj17NDcWj6S14tVurFX73zx0sNoMS79q3tuXKrDsxeuwIDAQABo4GQMIGNMEsGCVUdDwGG+EIBDQQ+EzxHZW5lcmF0ZWQgYnkgdGhlIFNlY3VyZVdheSBTZWN1cml0eSBTZXJ2ZXIgZm9yIE9TLzM5MCAoUkFDRikwDgYDVR0PAQH/BAQDAgAGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFJ3+ocRyCTJw067dLSwr/nalx6YMMA0GCSqGSIb3DQEBBQUAA4GBAMaQzt+zaj1GU77yzlr8iiMBXgdQrwsZZWJo5exnAucJAEYQZmOfyLiMD6oYq+ZnfvM0n8G/Y79q8nhwvuxpYOnRSAXFp6xSkrIOeZtJMY1h00LKp/JX3Ng1svZ2agE126JHsQ0bhzN5TKsYfbwfTwfjdWAGy6Vf1nYi/rO+ryMO' ENABLED=false`, q) - - e := builder.Drop() - r.Equal(`DROP SECURITY INTEGRATION "test_saml_integration"`, e) -} diff --git a/pkg/snowflake/scim_integration.go b/pkg/snowflake/scim_integration.go deleted file mode 100644 index 2b91705363..0000000000 --- a/pkg/snowflake/scim_integration.go +++ /dev/null @@ -1,40 +0,0 @@ -package snowflake - -import ( - "database/sql" - "fmt" - - "github.com/jmoiron/sqlx" -) - -// NewSCIMIntegrationBuilder returns a pointer to a Builder that abstracts the DDL operations for an api integration. -// -// Supported DDL operations are: -// - CREATE SECURITY INTEGRATION -// - ALTER SECURITY INTEGRATION -// - DROP INTEGRATION -// - SHOW INTEGRATIONS -// - DESCRIBE INTEGRATION -// -// [Snowflake Reference](https://docs.snowflake.com/en/sql-reference/ddl-user-security.html#security-integrations) -func NewSCIMIntegrationBuilder(name string) *Builder { - return &Builder{ - entityType: SecurityIntegrationType, - name: name, - } -} - -type SCIMIntegration struct { - Name sql.NullString `db:"name"` - Category sql.NullString `db:"category"` - IntegrationType sql.NullString `db:"type"` - CreatedOn sql.NullString `db:"created_on"` -} - -func ScanScimIntegration(row *sqlx.Row) (*SCIMIntegration, error) { - r := &SCIMIntegration{} - if err := row.StructScan(r); err != nil { - return r, fmt.Errorf("error scanning struct err = %w", err) - } - return r, nil -} diff --git a/pkg/snowflake/scim_integration_test.go b/pkg/snowflake/scim_integration_test.go deleted file mode 100644 index b9ee16d504..0000000000 --- a/pkg/snowflake/scim_integration_test.go +++ /dev/null @@ -1,38 +0,0 @@ -package snowflake_test - -import ( - "testing" - - "github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/snowflake" - "github.com/stretchr/testify/require" -) - -func TestScimIntegration(t *testing.T) { - r := require.New(t) - builder := snowflake.NewSCIMIntegrationBuilder("aad_provisioning") - r.NotNil(builder) - - q := builder.Show() - r.Equal("SHOW SECURITY INTEGRATIONS LIKE 'aad_provisioning'", q) - - q = builder.Describe() - r.Equal("DESCRIBE SECURITY INTEGRATION \"aad_provisioning\"", q) - - c := builder.Create() - c.SetRaw(`TYPE=scim`) - c.SetString(`scim_client`, "azure") - c.SetString(`run_as_role`, "AAD_PROVISIONER") - q = c.Statement() - r.Equal(`CREATE SECURITY INTEGRATION "aad_provisioning" TYPE=scim RUN_AS_ROLE='AAD_PROVISIONER' SCIM_CLIENT='azure'`, q) - - d := builder.Alter() - d.SetRaw(`TYPE=scim`) - d.SetString(`scim_client`, "azure") - d.SetString(`run_as_role`, "AAD_PROVISIONER") - d.SetString(`network_policy`, "aad_policy") - q = d.Statement() - r.Equal(`ALTER SECURITY INTEGRATION "aad_provisioning" SET TYPE=scim NETWORK_POLICY='aad_policy' RUN_AS_ROLE='AAD_PROVISIONER' SCIM_CLIENT='azure'`, q) - - e := builder.Drop() - r.Equal(`DROP SECURITY INTEGRATION "aad_provisioning"`, e) -} diff --git a/v1-preparations/LIST_OF_REMOVED_RESOURCES_FOR_V1.md b/v1-preparations/LIST_OF_REMOVED_RESOURCES_FOR_V1.md index 1b98058edf..0624766156 100644 --- a/v1-preparations/LIST_OF_REMOVED_RESOURCES_FOR_V1.md +++ b/v1-preparations/LIST_OF_REMOVED_RESOURCES_FOR_V1.md @@ -1,13 +1,8 @@ Deprecated resources that are removed with the V1: -* [snowflake_database_old](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.97.0/docs/resources/database_old) -* [snowflake_procedure](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.97.0/docs/resources/procedure) -* [snowflake_function](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.97.0/docs/resources/function) -* [snowflake_role](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.97.0/docs/resources/role) -* [snowflake_role](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.97.0/docs/data-sources/role) (datasource) -* [snowflake_oauth_integration](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.97.0/docs/resources/oauth_integration) -* [snowflake_saml_integration](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.97.0/docs/resources/saml_integration) -* [snowflake_session_parameter](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.97.0/docs/resources/session_parameter) -* [snowflake_unsafe_execute](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.97.0/docs/resources/unsafe_execute) - will be renamed -* [snowflake_stream](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.97.0/docs/resources/stream) -* [snowflake_tag_masking_policy_association](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.97.0/docs/resources/tag_masking_policy_association) +* [snowflake_database_old](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.98.0/docs/resources/database_old) +* [snowflake_role](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.98.0/docs/resources/role) +* [snowflake_role](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.98.0/docs/data-sources/role) (datasource) +* [snowflake_oauth_integration](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.98.0/docs/resources/oauth_integration) +* [snowflake_saml_integration](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.98.0/docs/resources/saml_integration) +* [snowflake_stream](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/0.98.0/docs/resources/stream)