Skip to content

Commit

Permalink
Remove oauth integration for partner applications
Browse files Browse the repository at this point in the history
  • Loading branch information
@sfc-gh-jcieslak
sfc-gh-jcieslak committed Jul 3, 2024
1 parent 2c85896 commit b5fd03e
Show file tree
Hide file tree
Showing 18 changed files with 64 additions and 1,015 deletions.
41 changes: 0 additions & 41 deletions docs/resources/oauth_integration_for_partner_applications.md
View file

This file was deleted.

129 changes: 64 additions & 65 deletions pkg/provider/provider.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -421,71 +421,70 @@ func Provider() *schema.Provider {

func getResources() map[string]*schema.Resource {
return map[string]*schema.Resource{
"snowflake_account": resources.Account(),
"snowflake_account_password_policy_attachment": resources.AccountPasswordPolicyAttachment(),
"snowflake_account_parameter": resources.AccountParameter(),
"snowflake_alert": resources.Alert(),
"snowflake_api_integration": resources.APIIntegration(),
"snowflake_cortex_search_service": resources.CortexSearchService(),
"snowflake_database_old": resources.DatabaseOld(),
"snowflake_database": resources.Database(),
"snowflake_database_role": resources.DatabaseRole(),
"snowflake_dynamic_table": resources.DynamicTable(),
"snowflake_email_notification_integration": resources.EmailNotificationIntegration(),
"snowflake_external_function": resources.ExternalFunction(),
"snowflake_external_oauth_integration": resources.ExternalOauthIntegration(),
"snowflake_external_table": resources.ExternalTable(),
"snowflake_failover_group": resources.FailoverGroup(),
"snowflake_file_format": resources.FileFormat(),
"snowflake_function": resources.Function(),
"snowflake_grant_account_role": resources.GrantAccountRole(),
"snowflake_grant_application_role": resources.GrantApplicationRole(),
"snowflake_grant_database_role": resources.GrantDatabaseRole(),
"snowflake_grant_ownership": resources.GrantOwnership(),
"snowflake_grant_privileges_to_account_role": resources.GrantPrivilegesToAccountRole(),
"snowflake_grant_privileges_to_database_role": resources.GrantPrivilegesToDatabaseRole(),
"snowflake_grant_privileges_to_share": resources.GrantPrivilegesToShare(),
"snowflake_managed_account": resources.ManagedAccount(),
"snowflake_masking_policy": resources.MaskingPolicy(),
"snowflake_materialized_view": resources.MaterializedView(),
"snowflake_network_policy": resources.NetworkPolicy(),
"snowflake_network_policy_attachment": resources.NetworkPolicyAttachment(),
"snowflake_network_rule": resources.NetworkRule(),
"snowflake_notification_integration": resources.NotificationIntegration(),
"snowflake_oauth_integration": resources.OAuthIntegration(),
"snowflake_oauth_integration_for_custom_clients": resources.OauthIntegrationForCustomClients(),
"snowflake_oauth_integration_for_partner_applications": resources.OauthIntegrationForPartnerApplications(),
"snowflake_object_parameter": resources.ObjectParameter(),
"snowflake_password_policy": resources.PasswordPolicy(),
"snowflake_pipe": resources.Pipe(),
"snowflake_procedure": resources.Procedure(),
"snowflake_resource_monitor": resources.ResourceMonitor(),
"snowflake_role": resources.Role(),
"snowflake_row_access_policy": resources.RowAccessPolicy(),
"snowflake_saml_integration": resources.SAMLIntegration(),
"snowflake_schema": resources.Schema(),
"snowflake_scim_integration": resources.SCIMIntegration(),
"snowflake_secondary_database": resources.SecondaryDatabase(),
"snowflake_sequence": resources.Sequence(),
"snowflake_session_parameter": resources.SessionParameter(),
"snowflake_share": resources.Share(),
"snowflake_shared_database": resources.SharedDatabase(),
"snowflake_stage": resources.Stage(),
"snowflake_storage_integration": resources.StorageIntegration(),
"snowflake_stream": resources.Stream(),
"snowflake_table": resources.Table(),
"snowflake_table_column_masking_policy_application": resources.TableColumnMaskingPolicyApplication(),
"snowflake_table_constraint": resources.TableConstraint(),
"snowflake_tag": resources.Tag(),
"snowflake_tag_association": resources.TagAssociation(),
"snowflake_tag_masking_policy_association": resources.TagMaskingPolicyAssociation(),
"snowflake_task": resources.Task(),
"snowflake_unsafe_execute": resources.UnsafeExecute(),
"snowflake_user": resources.User(),
"snowflake_user_password_policy_attachment": resources.UserPasswordPolicyAttachment(),
"snowflake_user_public_keys": resources.UserPublicKeys(),
"snowflake_view": resources.View(),
"snowflake_warehouse": resources.Warehouse(),
"snowflake_account": resources.Account(),
"snowflake_account_password_policy_attachment": resources.AccountPasswordPolicyAttachment(),
"snowflake_account_parameter": resources.AccountParameter(),
"snowflake_alert": resources.Alert(),
"snowflake_api_integration": resources.APIIntegration(),
"snowflake_cortex_search_service": resources.CortexSearchService(),
"snowflake_database_old": resources.DatabaseOld(),
"snowflake_database": resources.Database(),
"snowflake_database_role": resources.DatabaseRole(),
"snowflake_dynamic_table": resources.DynamicTable(),
"snowflake_email_notification_integration": resources.EmailNotificationIntegration(),
"snowflake_external_function": resources.ExternalFunction(),
"snowflake_external_oauth_integration": resources.ExternalOauthIntegration(),
"snowflake_external_table": resources.ExternalTable(),
"snowflake_failover_group": resources.FailoverGroup(),
"snowflake_file_format": resources.FileFormat(),
"snowflake_function": resources.Function(),
"snowflake_grant_account_role": resources.GrantAccountRole(),
"snowflake_grant_application_role": resources.GrantApplicationRole(),
"snowflake_grant_database_role": resources.GrantDatabaseRole(),
"snowflake_grant_ownership": resources.GrantOwnership(),
"snowflake_grant_privileges_to_account_role": resources.GrantPrivilegesToAccountRole(),
"snowflake_grant_privileges_to_database_role": resources.GrantPrivilegesToDatabaseRole(),
"snowflake_grant_privileges_to_share": resources.GrantPrivilegesToShare(),
"snowflake_managed_account": resources.ManagedAccount(),
"snowflake_masking_policy": resources.MaskingPolicy(),
"snowflake_materialized_view": resources.MaterializedView(),
"snowflake_network_policy": resources.NetworkPolicy(),
"snowflake_network_policy_attachment": resources.NetworkPolicyAttachment(),
"snowflake_network_rule": resources.NetworkRule(),
"snowflake_notification_integration": resources.NotificationIntegration(),
"snowflake_oauth_integration": resources.OAuthIntegration(),
"snowflake_oauth_integration_for_custom_clients": resources.OauthIntegrationForCustomClients(),
"snowflake_object_parameter": resources.ObjectParameter(),
"snowflake_password_policy": resources.PasswordPolicy(),
"snowflake_pipe": resources.Pipe(),
"snowflake_procedure": resources.Procedure(),
"snowflake_resource_monitor": resources.ResourceMonitor(),
"snowflake_role": resources.Role(),
"snowflake_row_access_policy": resources.RowAccessPolicy(),
"snowflake_saml_integration": resources.SAMLIntegration(),
"snowflake_schema": resources.Schema(),
"snowflake_scim_integration": resources.SCIMIntegration(),
"snowflake_secondary_database": resources.SecondaryDatabase(),
"snowflake_sequence": resources.Sequence(),
"snowflake_session_parameter": resources.SessionParameter(),
"snowflake_share": resources.Share(),
"snowflake_shared_database": resources.SharedDatabase(),
"snowflake_stage": resources.Stage(),
"snowflake_storage_integration": resources.StorageIntegration(),
"snowflake_stream": resources.Stream(),
"snowflake_table": resources.Table(),
"snowflake_table_column_masking_policy_application": resources.TableColumnMaskingPolicyApplication(),
"snowflake_table_constraint": resources.TableConstraint(),
"snowflake_tag": resources.Tag(),
"snowflake_tag_association": resources.TagAssociation(),
"snowflake_tag_masking_policy_association": resources.TagMaskingPolicyAssociation(),
"snowflake_task": resources.Task(),
"snowflake_unsafe_execute": resources.UnsafeExecute(),
"snowflake_user": resources.User(),
"snowflake_user_password_policy_attachment": resources.UserPasswordPolicyAttachment(),
"snowflake_user_public_keys": resources.UserPublicKeys(),
"snowflake_view": resources.View(),
"snowflake_warehouse": resources.Warehouse(),
}
}

Expand Down
76 changes: 0 additions & 76 deletions pkg/resources/common.go
View file
Original file line number Diff line number Diff line change
@@ -1,19 +1,9 @@
package resources

import (
"context"
"crypto/sha256"
"crypto/x509"
"encoding/base64"
"encoding/pem"
"errors"
"fmt"
"strings"

"github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/helpers"
"github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/internal/provider"
"github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/sdk"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
)

Expand Down Expand Up @@ -62,69 +52,3 @@ func suppressQuoting(_, oldValue, newValue string, _ *schema.ResourceData) bool
return oldWithoutQuotes == newWithoutQuotes
}
}

func DeleteContextSecurityIntegration(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
id := helpers.DecodeSnowflakeID(d.Id()).(sdk.AccountObjectIdentifier)
client := meta.(*provider.Context).Client

err := client.SecurityIntegrations.Drop(ctx, sdk.NewDropSecurityIntegrationRequest(sdk.NewAccountObjectIdentifier(id.Name())).WithIfExists(true))
if err != nil {
return diag.Diagnostics{
diag.Diagnostic{
Severity: diag.Error,
Summary: "Error deleting integration",
Detail: fmt.Sprintf("id %v err = %v", id.Name(), err),
},
}
}

d.SetId("")
return nil
}

func RSAKeyHash(key string) (string, error) {
keyBytes := []byte(fmt.Sprintf("-----BEGIN PUBLIC KEY-----\n%s\n-----END PUBLIC KEY-----", key))

block, _ := pem.Decode(keyBytes)
if block == nil || block.Type != "PUBLIC KEY" {
return "", errors.New("Failed to decode PEM block containing public key")
}

pubKey, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return "", fmt.Errorf("Unable to parse public key: %w", err)
}

pubKeyBytes, err := x509.MarshalPKIXPublicKey(pubKey)
if err != nil {
return "", fmt.Errorf("Unable to marshal public key: %w", err)
}

hash := sha256.Sum256(pubKeyBytes)
return fmt.Sprintf("SHA256:%s", base64.StdEncoding.EncodeToString(hash[:])), nil
}

func getParameterInAccount(ctx context.Context, client *sdk.Client, param string) (string, error) {
params, err := client.Parameters.ShowParameters(ctx, &sdk.ShowParametersOptions{
Like: &sdk.Like{
Pattern: sdk.Pointer(param),
},
In: &sdk.ParametersIn{
Account: sdk.Pointer(true),
},
})
if err != nil {
return "", err
}
var found *sdk.Parameter
for _, v := range params {
if v.Key == param {
found = v
break
}
}
if found == nil {
return "", fmt.Errorf("parameter %s not found", param)
}
return found.Value, nil
}
16 changes: 0 additions & 16 deletions pkg/resources/custom_diffs.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,22 +58,6 @@ func ParameterValueComputedIf(key string, parameters []*sdk.Parameter, objectPar
}
}

// ForceNewIfChangeToEmptySet sets a ForceNew for a set field which was set to an empty value.
func ForceNewIfChangeToEmptySet[T any](key string) schema.CustomizeDiffFunc {
return customdiff.ForceNewIfChange(key, func(ctx context.Context, oldValue, newValue, meta any) bool {
oldList, newList := oldValue.(*schema.Set).List(), newValue.(*schema.Set).List()
return len(oldList) > 0 && len(newList) == 0
})
}

// ForceNewIfChangeToEmptyString sets a ForceNew for a string field which was set to an empty value.
func ForceNewIfChangeToEmptyString(key string) schema.CustomizeDiffFunc {
return customdiff.ForceNewIfChange(key, func(ctx context.Context, oldValue, newValue, meta any) bool {
oldString, newString := oldValue.(string), newValue.(string)
return len(oldString) > 0 && len(newString) == 0
})
}

// TODO [follow-up PR]: test
func ComputedIfAnyAttributeChanged(key string, changedAttributeKeys ...string) schema.CustomizeDiffFunc {
return customdiff.ComputedIf(key, func(ctx context.Context, diff *schema.ResourceDiff, meta interface{}) bool {
Expand Down
Loading

0 comments on commit b5fd03e

Please sign in to comment.