diff --git a/docs/data-sources/shares.md b/docs/data-sources/shares.md new file mode 100644 index 0000000000..6605a8caaa --- /dev/null +++ b/docs/data-sources/shares.md @@ -0,0 +1,38 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "snowflake_shares Data Source - terraform-provider-snowflake" +subcategory: "" +description: |- + +--- + +# snowflake_shares (Data Source) + + + + + + +## Schema + +### Optional + +- `pattern` (String) Filters the command output by object name. + +### Read-Only + +- `id` (String) The ID of this resource. +- `shares` (List of Object) List of all the shares available in the system. (see [below for nested schema](#nestedatt--shares)) + + +### Nested Schema for `shares` + +Read-Only: + +- `comment` (String) +- `kind` (String) +- `name` (String) +- `owner` (String) +- `to` (String) + + diff --git a/docs/index.md b/docs/index.md index 278ba77ed3..cbfc4c3d4f 100644 --- a/docs/index.md +++ b/docs/index.md @@ -53,6 +53,7 @@ provider "snowflake" { - `browser_auth` (Boolean) Required when `oauth_refresh_token` is used. Can be sourced from `SNOWFLAKE_USE_BROWSER_AUTH` environment variable. - `host` (String) Supports passing in a custom host value to the snowflake go driver for use with privatelink. +- `insecure_mode` (Boolean) If true, bypass the Online Certificate Status Protocol (OCSP) certificate revocation check. IMPORTANT: Change the default value for testing or emergency situations only. - `oauth_access_token` (String, Sensitive) Token for use with OAuth. Generating the token is left to other tools. Cannot be used with `browser_auth`, `private_key_path`, `oauth_refresh_token` or `password`. Can be sourced from `SNOWFLAKE_OAUTH_ACCESS_TOKEN` environment variable. - `oauth_client_id` (String, Sensitive) Required when `oauth_refresh_token` is used. Can be sourced from `SNOWFLAKE_OAUTH_CLIENT_ID` environment variable. - `oauth_client_secret` (String, Sensitive) Required when `oauth_refresh_token` is used. Can be sourced from `SNOWFLAKE_OAUTH_CLIENT_SECRET` environment variable. diff --git a/pkg/provider/provider.go b/pkg/provider/provider.go index 5cfba7c3bc..b7cb37e822 100644 --- a/pkg/provider/provider.go +++ b/pkg/provider/provider.go @@ -164,6 +164,12 @@ func Provider() *schema.Provider { Optional: true, DefaultFunc: schema.EnvDefaultFunc("SNOWFLAKE_PROTOCOL", "https"), }, + "insecure_mode": { + Type: schema.TypeBool, + Description: "If true, bypass the Online Certificate Status Protocol (OCSP) certificate revocation check. IMPORTANT: Change the default value for testing or emergency situations only.", + Optional: true, + DefaultFunc: schema.EnvDefaultFunc("SNOWFLAKE_INSECURE_MODE", false), + }, "warehouse": { Type: schema.TypeString, Description: "Sets the default warehouse. Optional. Can be sourced from SNOWFLAKE_WAREHOUSE environment variable.", @@ -324,6 +330,7 @@ func ConfigureProvider(s *schema.ResourceData) (interface{}, error) { protocol := s.Get("protocol").(string) port := s.Get("port").(int) warehouse := s.Get("warehouse").(string) + insecureMode := s.Get("insecure_mode").(bool) if oauthRefreshToken != "" { accessToken, err := GetOauthAccessToken(oauthEndpoint, oauthClientID, oauthClientSecret, GetOauthData(oauthRefreshToken, oauthRedirectURL)) @@ -348,6 +355,7 @@ func ConfigureProvider(s *schema.ResourceData) (interface{}, error) { protocol, port, warehouse, + insecureMode, ) if err != nil { return nil, fmt.Errorf("could not build dsn for snowflake connection err = %w", err) @@ -376,6 +384,7 @@ func DSN( protocol string, port int, warehouse string, + insecureMode bool, ) (string, error) { // us-west-2 is Snowflake's default region, but if you actually specify that it won't trigger the default code // https://github.com/snowflakedb/gosnowflake/blob/52137ce8c32eaf93b0bd22fc5c7297beff339812/dsn.go#L61 @@ -384,13 +393,14 @@ func DSN( } config := gosnowflake.Config{ - Account: account, - User: user, - Region: region, - Role: role, - Application: "terraform-provider-snowflake", - Port: port, - Protocol: protocol, + Account: account, + User: user, + Region: region, + Role: role, + Application: "terraform-provider-snowflake", + Port: port, + Protocol: protocol, + InsecureMode: insecureMode, } // If host is set trust it and do not use the region value @@ -573,6 +583,7 @@ func GetDatabaseHandleFromEnv() (db *sql.DB, err error) { protocol, port, warehouse, + false, ) if err != nil { return nil, err diff --git a/pkg/provider/provider_test.go b/pkg/provider/provider_test.go index 83f93403fc..2e7d9bbe75 100644 --- a/pkg/provider/provider_test.go +++ b/pkg/provider/provider_test.go @@ -64,7 +64,7 @@ func TestDSN(t *testing.T) { for _, tt := range tests { tt := tt t.Run(tt.name, func(t *testing.T) { - got, err := provider.DSN(tt.args.account, tt.args.user, tt.args.password, tt.args.browserAuth, "", "", "", "", tt.args.region, tt.args.role, tt.args.host, tt.args.protocol, tt.args.port, "") + got, err := provider.DSN(tt.args.account, tt.args.user, tt.args.password, tt.args.browserAuth, "", "", "", "", tt.args.region, tt.args.role, tt.args.host, tt.args.protocol, tt.args.port, "", false) if (err != nil) != tt.wantErr { t.Errorf("DSN() error = %v, wantErr %v", err, tt.wantErr) return @@ -114,7 +114,7 @@ func TestOAuthDSN(t *testing.T) { for _, tt := range tests { tt := tt t.Run(tt.name, func(t *testing.T) { - got, err := provider.DSN(tt.args.account, tt.args.user, "", false, "", "", "", tt.args.oauthAccessToken, tt.args.region, tt.args.role, tt.args.host, tt.args.protocol, tt.args.port, "") + got, err := provider.DSN(tt.args.account, tt.args.user, "", false, "", "", "", tt.args.oauthAccessToken, tt.args.region, tt.args.role, tt.args.host, tt.args.protocol, tt.args.port, "", false) if (err != nil) != tt.wantErr { t.Errorf("DSN() error = %v, dsn = %v, wantErr %v", err, got, tt.wantErr)