From f7ff538666c33cb9f4b42f5d67076c516ce77776 Mon Sep 17 00:00:00 2001
From: Jakub Michalak <jakub.michalak@snowflake.com>
Date: Thu, 12 Dec 2024 16:52:54 +0100
Subject: [PATCH] Remove unsafe execute leftovers

---
 docs/index.md                                 |   6 -
 docs/resources/unsafe_execute.md              | 147 ------------------
 examples/additional/deprecated_datasources.MD |   3 +-
 examples/additional/deprecated_resources.MD   |   3 +-
 pkg/resources/execute.go                      |   2 +-
 pkg/resources/unsafe_execute.go               |  12 --
 templates/resources/unsafe_execute.md.tmpl    |  40 -----
 7 files changed, 3 insertions(+), 210 deletions(-)
 delete mode 100644 docs/resources/unsafe_execute.md
 delete mode 100644 pkg/resources/unsafe_execute.go
 delete mode 100644 templates/resources/unsafe_execute.md.tmpl

diff --git a/docs/index.md b/docs/index.md
index 615f8d1afb..e3117ccd03 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -349,11 +349,5 @@ provider "snowflake" {
 ```
 
 <!-- Section of deprecated resources -->
- ## Currently deprecated resources 
-
-- [snowflake_unsafe_execute](./docs/resources/unsafe_execute) - use [snowflake_execute](./docs/resources/execute) instead
 
 <!-- Section of deprecated data sources -->
- ## Currently deprecated data sources 
-
-- [snowflake_roles](./docs/data-sources/roles) - use [snowflake_account_roles](./docs/data-sources/account_roles) instead
diff --git a/docs/resources/unsafe_execute.md b/docs/resources/unsafe_execute.md
deleted file mode 100644
index 3ac9e7c7b6..0000000000
--- a/docs/resources/unsafe_execute.md
+++ /dev/null
@@ -1,147 +0,0 @@
----
-# generated by https://github.com/hashicorp/terraform-plugin-docs
-page_title: "snowflake_unsafe_execute Resource - terraform-provider-snowflake"
-subcategory: ""
-description: |-
-  Experimental resource allowing execution of ANY SQL statement. It may destroy resources if used incorrectly. It may behave incorrectly combined with other resources. Use at your own risk.
----
-
-# snowflake_unsafe_execute (Resource)
-
-!> **Warning** This is a dangerous resource that allows executing **ANY** SQL statement. It may destroy resources if used incorrectly. It may behave incorrectly combined with other resources. Use at your own risk.
-
-~> **Note** It can be theoretically used to manage resource that are not supported by the provider. This is risky and may brake other resources if used incorrectly.
-
-~> **Note** Use `query` parameter with caution. It will fetch **ALL** the results returned by the query provided. Try to limit the number of results by writing query with filters. Query failure does not stop resource creation; it simply results in `query_results` being empty.
-
-~> **Deprecation** This resource is deprecated and will be removed in a future major version release. Please use [snowflake_execute](./execute) instead. <deprecation>
-
-Experimental resource allowing execution of ANY SQL statement. It may destroy resources if used incorrectly. It may behave incorrectly combined with other resources. Use at your own risk.
-
-## Example Usage
-
-```terraform
-##################################
-### simple use cases
-##################################
-
-# create and destroy resource
-resource "snowflake_unsafe_execute" "test" {
-  execute = "CREATE DATABASE ABC"
-  revert  = "DROP DATABASE ABC"
-}
-
-# create and destroy resource using qualified name
-resource "snowflake_unsafe_execute" "test" {
-  execute = "CREATE DATABASE \"abc\""
-  revert  = "DROP DATABASE \"abc\""
-}
-
-# with query
-resource "snowflake_unsafe_execute" "test" {
-  execute = "CREATE DATABASE ABC"
-  revert  = "DROP DATABASE ABC"
-  query   = "SHOW DATABASES LIKE '%ABC%'"
-}
-
-##################################
-### grants example
-##################################
-
-# grant and revoke privilege USAGE to ROLE on database
-resource "snowflake_unsafe_execute" "test" {
-  execute = "GRANT USAGE ON DATABASE ABC TO ROLE XYZ"
-  revert  = "REVOKE USAGE ON DATABASE ABC FROM ROLE XYZ"
-}
-
-# grant and revoke with for_each
-variable "database_grants" {
-  type = list(object({
-    database_name = string
-    role_id       = string
-    privileges    = list(string)
-  }))
-}
-
-resource "snowflake_unsafe_execute" "test" {
-  for_each = { for index, db_grant in var.database_grants : index => db_grant }
-  execute  = "GRANT ${join(",", each.value.privileges)} ON DATABASE ${each.value.database_name} TO ROLE ${each.value.role_id}"
-  revert   = "REVOKE ${join(",", each.value.privileges)} ON DATABASE ${each.value.database_name} FROM ROLE ${each.value.role_id}"
-}
-
-##################################
-### fixing bad configuration
-##################################
-
-# bad revert - simple
-# 1 - resource created with a bad revert; it is constructed, revert is not validated before destroy happens
-resource "snowflake_unsafe_execute" "test" {
-  execute = "CREATE DATABASE ABC"
-  revert  = "SELECT 1"
-}
-
-# 2 - fix the revert first; resource won't be recreated
-resource "snowflake_unsafe_execute" "test" {
-  execute = "CREATE DATABASE ABC"
-  revert  = "DROP DATABASE ABC"
-}
-
-# bad revert - complex (we assume that the problem is spotted after trying to change the execute)
-# 1 - resource created with a bad revert; it is constructed, revert is not validated before destroy happens
-resource "snowflake_unsafe_execute" "test" {
-  execute = "CREATE DATABASE ABC"
-  revert  = "SELECT 1"
-}
-
-# 2 - try to create different database; it will fail on bad destroy
-resource "snowflake_unsafe_execute" "test" {
-  execute = "CREATE DATABASE XYZ"
-  revert  = "SELECT 1"
-}
-
-# 3 - fix the revert first
-resource "snowflake_unsafe_execute" "test" {
-  execute = "CREATE DATABASE ABC"
-  revert  = "DROP DATABASE ABC"
-}
-
-# 4 - create different database updating revert also
-resource "snowflake_unsafe_execute" "test" {
-  execute = "CREATE DATABASE XYZ"
-  revert  = "DROP DATABASE XYZ"
-}
-
-# bad query
-# 1 - resource will be created; query_results will be empty
-resource "snowflake_unsafe_execute" "test" {
-  execute = "CREATE DATABASE ABC"
-  revert  = "DROP DATABASE ABC"
-  query   = "bad query"
-}
-
-# 2 - fix the query; query_results will be calculated; resource won't be recreated
-resource "snowflake_unsafe_execute" "test" {
-  execute = "CREATE DATABASE ABC"
-  revert  = "DROP DATABASE ABC"
-  query   = "SHOW DATABASES LIKE '%ABC%'"
-}
-```
--> **Note** Instead of using fully_qualified_name, you can reference objects managed outside Terraform by constructing a correct ID, consult [identifiers guide](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/guides/identifiers#new-computed-fully-qualified-name-field-in-resources).
-<!-- TODO(SNOW-1634854): include an example showing both methods-->
-
-<!-- schema generated by tfplugindocs -->
-## Schema
-
-### Required
-
-- `execute` (String) SQL statement to execute. Forces recreation of resource on change.
-- `revert` (String) SQL statement to revert the execute statement. Invoked when resource is being destroyed.
-
-### Optional
-
-- `query` (String) Optional SQL statement to do a read. Invoked on every resource refresh and every time it is changed.
-
-### Read-Only
-
-- `id` (String) The ID of this resource.
-- `query_results` (List of Map of String) List of key-value maps (text to text) retrieved after executing read query. Will be empty if the query results in an error.
diff --git a/examples/additional/deprecated_datasources.MD b/examples/additional/deprecated_datasources.MD
index 6e29a34e49..393ab71209 100644
--- a/examples/additional/deprecated_datasources.MD
+++ b/examples/additional/deprecated_datasources.MD
@@ -1,4 +1,3 @@
 <!-- Section of deprecated data sources -->
- ## Currently deprecated data sources 
 
-- [snowflake_roles](./docs/data-sources/roles) - use [snowflake_account_roles](./docs/data-sources/account_roles) instead
+
diff --git a/examples/additional/deprecated_resources.MD b/examples/additional/deprecated_resources.MD
index 81a1a1f339..3b52465691 100644
--- a/examples/additional/deprecated_resources.MD
+++ b/examples/additional/deprecated_resources.MD
@@ -1,4 +1,3 @@
 <!-- Section of deprecated resources -->
- ## Currently deprecated resources 
 
-- [snowflake_unsafe_execute](./docs/resources/unsafe_execute) - use [snowflake_execute](./docs/resources/execute) instead
+
diff --git a/pkg/resources/execute.go b/pkg/resources/execute.go
index 6ad9b189cd..acd5c26926 100644
--- a/pkg/resources/execute.go
+++ b/pkg/resources/execute.go
@@ -61,7 +61,7 @@ func Execute() *schema.Resource {
 
 		Description: "Resource allowing execution of ANY SQL statement.",
 
-		CustomizeDiff: TrackingCustomDiffWrapper(resources.UnsafeExecute, customdiff.All(
+		CustomizeDiff: TrackingCustomDiffWrapper(resources.Execute, customdiff.All(
 			customdiff.ForceNewIfChange("execute", func(ctx context.Context, oldValue, newValue, meta any) bool {
 				return oldValue != ""
 			}),
diff --git a/pkg/resources/unsafe_execute.go b/pkg/resources/unsafe_execute.go
deleted file mode 100644
index 822900ce02..0000000000
--- a/pkg/resources/unsafe_execute.go
+++ /dev/null
@@ -1,12 +0,0 @@
-package resources
-
-import (
-	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
-)
-
-func UnsafeExecute() *schema.Resource {
-	unsafeExecute := Execute()
-	unsafeExecute.Description = "Experimental resource allowing execution of ANY SQL statement. It may destroy resources if used incorrectly. It may behave incorrectly combined with other resources. Use at your own risk."
-	unsafeExecute.DeprecationMessage = "This resource is deprecated and will be removed in a future major version release. Please use snowflake_execute instead."
-	return unsafeExecute
-}
diff --git a/templates/resources/unsafe_execute.md.tmpl b/templates/resources/unsafe_execute.md.tmpl
deleted file mode 100644
index 80794cba89..0000000000
--- a/templates/resources/unsafe_execute.md.tmpl
+++ /dev/null
@@ -1,40 +0,0 @@
----
-# generated by https://github.com/hashicorp/terraform-plugin-docs
-page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}"
-subcategory: ""
-description: |-
-{{ if gt (len (split .Description "<deprecation>")) 1 -}}
-{{ index (split .Description "<deprecation>") 1 | plainmarkdown | trimspace | prefixlines "  " }}
-{{- else -}}
-{{ .Description | plainmarkdown | trimspace | prefixlines "  " }}
-{{- end }}
----
-
-# {{.Name}} ({{.Type}})
-
-!> **Warning** This is a dangerous resource that allows executing **ANY** SQL statement. It may destroy resources if used incorrectly. It may behave incorrectly combined with other resources. Use at your own risk.
-
-~> **Note** It can be theoretically used to manage resource that are not supported by the provider. This is risky and may brake other resources if used incorrectly.
-
-~> **Note** Use `query` parameter with caution. It will fetch **ALL** the results returned by the query provided. Try to limit the number of results by writing query with filters. Query failure does not stop resource creation; it simply results in `query_results` being empty.
-
-{{ .Description | trimspace }}
-
-{{ if .HasExample -}}
-## Example Usage
-
-{{ tffile (printf "examples/resources/%s/resource.tf" .Name)}}
--> **Note** Instead of using fully_qualified_name, you can reference objects managed outside Terraform by constructing a correct ID, consult [identifiers guide](https://registry.terraform.io/providers/Snowflake-Labs/snowflake/latest/docs/guides/identifiers#new-computed-fully-qualified-name-field-in-resources).
-<!-- TODO(SNOW-1634854): include an example showing both methods-->
-
-{{- end }}
-
-{{ .SchemaMarkdown | trimspace }}
-{{- if .HasImport }}
-
-## Import
-
-Import is supported using the following syntax:
-
-{{ codefile "shell" (printf "examples/resources/%s/import.sh" .Name)}}
-{{- end }}