feat: Add secret to sdk #3091
feat: Add secret to sdk #3091
Conversation
|
Integration tests failure for 01a70062a3b2aed8351229d43d94e520ec3c1e05 |
|
Integration tests failure for 929c810a42e5eade5724b107bb10432ed35e376b |
sfc-gh-fbudzynski
force-pushed
the
add-secret-to-sdk
branch
from
929c810
to
8c5dcfb
Compare
sfc-gh-fbudzynski
requested review from
sfc-gh-jcieslak and
sfc-gh-jmichalak
|
Integration tests failure for 8c5dcfb3ad8ad5d7394d32c8c8f6896697c5e498 |
| return secret, c.CleanupSecretFunc(t, id) | ||
| } | ||
|
|
||
| func (c *SecretClient) CleanupSecretFunc(t *testing.T, id sdk.SchemaObjectIdentifier) func() { |
There was a problem hiding this comment.
Nit: In general, we name these functions like DropFunc. Also, Secret should be not present in function names.
| return func() { | ||
| _, err := c.client().ShowByID(ctx, id) | ||
| if errors.Is(err, sdk.ErrObjectNotExistOrAuthorized) { | ||
| return |
There was a problem hiding this comment.
Cool that you thought about checking an object here, but when we use IF EXISTS, this is not needed.
pkg/sdk/secrets_def.go
Outdated
| Field("Owner", "string"). | ||
| Field("Comment", "string"). | ||
| Field("SecretType", "string"). | ||
| Field("OauthScopes", "sql.NullString"). |
There was a problem hiding this comment.
In general, we try to parse fields containing lists/objects in convert, so that they are available as slices in the object struct. So, this should be "[]string". The same applies to OauthScopes in SecretDetails.
pkg/sdk/secrets_def.go
Outdated
| Field("OwnerRoleType", "string") | ||
|
|
||
| var secretDetailsDbRow = g.DbStruct("secretDetailsDBRow"). | ||
| Field("created_on", "string"). |
There was a problem hiding this comment.
Have changed it to use Time() instead of string
pkg/sdk/secrets_def.go
Outdated
| SQL("SECRET"). | ||
| IfNotExists(). | ||
| Name(). | ||
| PredefinedQueryStructField("Type", "string", g.StaticOptions().SQL("TYPE = PASSWORD")). |
There was a problem hiding this comment.
Nit: rather than having this field exported, you could use a name like secretType. In other places as well.
| assert.NotEmpty(t, s.DatabaseName) | ||
| assert.NotEmpty(t, s.SchemaName) | ||
| assert.NotEmpty(t, s.OwnerRoleType) | ||
| assert.NotEmpty(t, s.Owner) |
There was a problem hiding this comment.
Now we use generated asserts - check views integration tests.
There was a problem hiding this comment.
Have generated them and used after the first review
pkg/sdk/secrets_gen.go
Outdated
| SchemaName string | ||
| DatabaseName string | ||
| Owner string | ||
| Comment sql.NullString |
There was a problem hiding this comment.
These sql.* types should be present only in dbRows - we want to separate things returned from Snowflake from things returned by the SDK. You can use *string here.
| Name: id.Name(), | ||
| SecretType: "OAUTH2", | ||
| Comment: "a", | ||
| OauthRefreshTokenExpiryTime: stringDateToSnowflakeTimeFormat(time.DateOnly, refreshTokenExpiryTime), |
There was a problem hiding this comment.
@sfc-gh-jcieslak Do we have a helper function for comparing time? If not, this could be moved to helpers somewhere.
There was a problem hiding this comment.
I don't think so, time is more complicated topic, that's why for a long time we avoided parsing time from SHOW and just saved it as strings (I'm not sure if we should keep doing that instead of having time.Time). Mostly, because in some cases Snowflake outputs strange time formats that are non-standard and hard to parse. It means this function will only apply to secrets and maybe other objects and it's not generic for all objects. For example, resource monitor's time format is totally different as far as I remember (you can check start or end time in SHOW for resource monitor). I'm wondering what should we do with this function, let's leave the thread open for now and I'll take a closer look at it in the 2nd round of review.
There was a problem hiding this comment.
Let's leave it as it is right now, as a helper function just for secrets.
| ), | ||
| ) | ||
| err := client.Secrets.Alter(ctx, setRequest) | ||
| require.NoError(t, err) |
There was a problem hiding this comment.
You're missing assert here.
| require.Contains(t, returnedSecrets, *secretGenericString) | ||
| }) | ||
|
|
||
| t.Run("Show: SecretWithOAuthClientCredentialsFlow with Like", func(t *testing.T) { |
There was a problem hiding this comment.
It's cool you've provided all of these cases, but I think that one case for each filtering option is enough (with an arbitrary type).
sfc-gh-fbudzynski
force-pushed
the
add-secret-to-sdk
branch
from
c8564af
to
4ccc4e7
Compare
|
Integration tests failure for 4ccc4e7c6e391151251af148c4f0d03d559d2344 |
|
Integration tests failure for bdf2585574da6c6a5f77546015d0d107907aae1b |
|
Integration tests failure for 7791f33dae8de262967283156065ac9cee49972e |
Changes
References