Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make resolve-private-key include private-key-options in database details #41941

Merged
merged 3 commits into from
Apr 29, 2024
Merged

Make resolve-private-key include private-key-options in database details #41941

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
40c70a9
Update get-secrect-string
lbrdnk Apr 29, 2024
08c2b94
Revert "Update get-secrect-string"
lbrdnk Apr 29, 2024
42852c8
Update resolve-private-key and add test
lbrdnk Apr 29, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
7 changes: 5 additions & 2 deletions modules/drivers/snowflake/src/metabase/driver/snowflake.clj
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -110,8 +110,11 @@
private-key-file (handle-conn-uri user account private-key-file)))

:else
;; get-secret-string should get the right value (using private-key-value or private-key-id) and decode it automatically
(let [decoded (secret/get-secret-string details "private-key")
;; Why setting `:private-key-options` to "uploaded"? To fix the issue #41852. Snowflake's database edit gui
;; is designed in a way, that `:private-key-options` are not sent if `hosting` enterprise feature is enabled.
;; The option must be set to "uploaded" for base64 decoding to happen. Setting that option at this point is fine
;; because the alternative ("local") is ruled out already in this `cond` branch.
(let [decoded (secret/get-secret-string (assoc details :private-key-options "uploaded") "private-key")
file (secret/value->file! {:connection-property-name "private-key-file"
:value decoded})]
(assoc (handle-conn-uri base-details user account file)
Expand Down
16 changes: 15 additions & 1 deletion modules/drivers/snowflake/test/metabase/driver/snowflake_test.clj
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -321,7 +321,7 @@

(defn- format-env-key ^String [env-key]
(let [[_ header body footer]
(re-find #"(-----BEGIN (?:\p{Alnum}+ )?PRIVATE KEY-----)(.*)(-----END (?:\p{Alnum}+ )?PRIVATE KEY-----)" env-key)]
(re-find #"(?s)(-----BEGIN (?:\p{Alnum}+ )?PRIVATE KEY-----)(.*)(-----END (?:\p{Alnum}+ )?PRIVATE KEY-----)" env-key)]
(str header (str/replace body #"\s+|\\n" "\n") footer)))

(deftest can-connect-test
Expand Down Expand Up @@ -357,6 +357,20 @@
(merge {:db pk-db :user pk-user} to-merge))]
(is (can-connect? details)))))))))))

(deftest can-connect-pk-no-options-test
(mt/test-driver
:snowflake
(testing "Can connect with base64 encoded `:private-key-value` and no `:private-key-options` set (#41852)"
(let [pk-key (format-env-key (tx/db-test-env-var-or-throw :snowflake :pk-private-key))
pk-user (tx/db-test-env-var :snowflake :pk-user)
pk-db "SNOWFLAKE_SAMPLE_DATA"
details (-> (:details (mt/db))
(dissoc :password)
(assoc :dbname pk-db
:private-key-value (u/encode-base64 pk-key)
:user pk-user))]
(is (driver/can-connect? :snowflake details))))))

(deftest report-timezone-test
(mt/test-driver :snowflake
(testing "Make sure temporal parameters are set and returned correctly when report-timezone is set (#11036)"
Expand Down