Add remaining integrations

Snowflake-Labs · Jul 9, 2024 · 2dcc9c3 · 2dcc9c3
1 parent e25635b
commit 2dcc9c3
Show file tree

Hide file tree

Showing 26 changed files with 872 additions and 209 deletions.
diff --git a/docs/data-sources/security_integrations.md b/docs/data-sources/security_integrations.md
diff --git a/pkg/acceptance/check_destroy.go b/pkg/acceptance/check_destroy.go
@@ -67,6 +67,15 @@ var showByIdFunctions = map[resources.Resource]showByIdFunc{
 	resources.Alert: func(ctx context.Context, client *sdk.Client, id sdk.ObjectIdentifier) error {
 		return runShowById(ctx, id, client.Alerts.ShowByID)
 	},
+	resources.ApiAuthenticationIntegrationWithAuthorizationCodeGrant: func(ctx context.Context, client *sdk.Client, id sdk.ObjectIdentifier) error {
+		return runShowById(ctx, id, client.SecurityIntegrations.ShowByID)
+	},
+	resources.ApiAuthenticationIntegrationWithClientCredentials: func(ctx context.Context, client *sdk.Client, id sdk.ObjectIdentifier) error {
+		return runShowById(ctx, id, client.SecurityIntegrations.ShowByID)
+	},
+	resources.ApiAuthenticationIntegrationWithJwtBearer: func(ctx context.Context, client *sdk.Client, id sdk.ObjectIdentifier) error {
+		return runShowById(ctx, id, client.SecurityIntegrations.ShowByID)
+	},
 	resources.ApiIntegration: func(ctx context.Context, client *sdk.Client, id sdk.ObjectIdentifier) error {
 		return runShowById(ctx, id, client.ApiIntegrations.ShowByID)
 	},

diff --git a/pkg/datasources/security_integrations_acceptance_test.go b/pkg/datasources/security_integrations_acceptance_test.go
diff --git a/...curityIntegrations/api_authentication_with_authorization_code_grant/optionals_set/test.tf b/...curityIntegrations/api_authentication_with_authorization_code_grant/optionals_set/test.tf
@@ -0,0 +1,19 @@
+resource "snowflake_api_authentication_integration_with_authorization_code_grant" "test" {
+  comment                      = var.comment
+  enabled                      = var.enabled
+  name                         = var.name
+  oauth_access_token_validity  = var.oauth_access_token_validity
+  oauth_authorization_endpoint = var.oauth_authorization_endpoint
+  oauth_client_auth_method     = var.oauth_client_auth_method
+  oauth_client_id              = var.oauth_client_id
+  oauth_client_secret          = var.oauth_client_secret
+  oauth_refresh_token_validity = var.oauth_refresh_token_validity
+  oauth_token_endpoint         = var.oauth_token_endpoint
+  oauth_allowed_scopes         = var.oauth_allowed_scopes
+}
+
+data "snowflake_security_integrations" "test" {
+  depends_on = [snowflake_api_authentication_integration_with_authorization_code_grant.test]
+
+  like = var.name
+}
diff --git a/...yIntegrations/api_authentication_with_authorization_code_grant/optionals_set/variables.tf b/...yIntegrations/api_authentication_with_authorization_code_grant/optionals_set/variables.tf
@@ -0,0 +1,33 @@
+variable "comment" {
+  type = string
+}
+variable "enabled" {
+  type = bool
+}
+variable "name" {
+  type = string
+}
+variable "oauth_access_token_validity" {
+  type = number
+}
+variable "oauth_authorization_endpoint" {
+  type = string
+}
+variable "oauth_client_auth_method" {
+  type = string
+}
+variable "oauth_client_id" {
+  type = string
+}
+variable "oauth_client_secret" {
+  type = string
+}
+variable "oauth_refresh_token_validity" {
+  type = number
+}
+variable "oauth_token_endpoint" {
+  type = string
+}
+variable "oauth_allowed_scopes" {
+  type = set(string)
+}
diff --git a/...rityIntegrations/api_authentication_with_authorization_code_grant/optionals_unset/test.tf b/...rityIntegrations/api_authentication_with_authorization_code_grant/optionals_unset/test.tf
@@ -0,0 +1,20 @@
+resource "snowflake_api_authentication_integration_with_authorization_code_grant" "test" {
+  comment                      = var.comment
+  enabled                      = var.enabled
+  name                         = var.name
+  oauth_access_token_validity  = var.oauth_access_token_validity
+  oauth_authorization_endpoint = var.oauth_authorization_endpoint
+  oauth_client_auth_method     = var.oauth_client_auth_method
+  oauth_client_id              = var.oauth_client_id
+  oauth_client_secret          = var.oauth_client_secret
+  oauth_refresh_token_validity = var.oauth_refresh_token_validity
+  oauth_token_endpoint         = var.oauth_token_endpoint
+  oauth_allowed_scopes         = var.oauth_allowed_scopes
+}
+
+data "snowflake_security_integrations" "test" {
+  depends_on = [snowflake_api_authentication_integration_with_authorization_code_grant.test]
+
+  with_describe = false
+  like          = var.name
+}
diff --git a/...ntegrations/api_authentication_with_authorization_code_grant/optionals_unset/variables.tf b/...ntegrations/api_authentication_with_authorization_code_grant/optionals_unset/variables.tf
@@ -0,0 +1,33 @@
+variable "comment" {
+  type = string
+}
+variable "enabled" {
+  type = bool
+}
+variable "name" {
+  type = string
+}
+variable "oauth_access_token_validity" {
+  type = number
+}
+variable "oauth_authorization_endpoint" {
+  type = string
+}
+variable "oauth_client_auth_method" {
+  type = string
+}
+variable "oauth_client_id" {
+  type = string
+}
+variable "oauth_client_secret" {
+  type = string
+}
+variable "oauth_refresh_token_validity" {
+  type = number
+}
+variable "oauth_token_endpoint" {
+  type = string
+}
+variable "oauth_allowed_scopes" {
+  type = set(string)
+}
diff --git a/...rces/testdata/TestAcc_SecurityIntegrations/oauth_for_custom_clients/optionals_set/test.tf b/...rces/testdata/TestAcc_SecurityIntegrations/oauth_for_custom_clients/optionals_set/test.tf
@@ -0,0 +1,24 @@
+resource "snowflake_oauth_integration_for_custom_clients" "test" {
+  blocked_roles_list               = var.blocked_roles_list
+  comment                          = var.comment
+  enabled                          = var.enabled
+  name                             = var.name
+  network_policy                   = var.network_policy
+  oauth_allow_non_tls_redirect_uri = var.oauth_allow_non_tls_redirect_uri
+  oauth_client_rsa_public_key      = var.oauth_client_rsa_public_key
+  oauth_client_rsa_public_key_2    = var.oauth_client_rsa_public_key_2
+  oauth_client_type                = var.oauth_client_type
+  oauth_enforce_pkce               = var.oauth_enforce_pkce
+  oauth_issue_refresh_tokens       = var.oauth_issue_refresh_tokens
+  oauth_redirect_uri               = var.oauth_redirect_uri
+  oauth_refresh_token_validity     = var.oauth_refresh_token_validity
+  oauth_use_secondary_roles        = var.oauth_use_secondary_roles
+  pre_authorized_roles_list        = var.pre_authorized_roles_list
+}
+
+
+data "snowflake_security_integrations" "test" {
+  depends_on = [snowflake_oauth_integration_for_custom_clients.test]
+
+  like = var.name
+}
diff --git a/...testdata/TestAcc_SecurityIntegrations/oauth_for_custom_clients/optionals_set/variables.tf b/...testdata/TestAcc_SecurityIntegrations/oauth_for_custom_clients/optionals_set/variables.tf
@@ -0,0 +1,46 @@
+
+variable "blocked_roles_list" {
+  type = set(string)
+}
+variable "comment" {
+  type = string
+}
+variable "enabled" {
+  type = bool
+}
+variable "name" {
+  type = string
+}
+variable "network_policy" {
+  type = string
+}
+variable "oauth_allow_non_tls_redirect_uri" {
+  type = bool
+}
+variable "oauth_client_rsa_public_key" {
+  type = string
+}
+variable "oauth_client_rsa_public_key_2" {
+  type = string
+}
+variable "oauth_client_type" {
+  type = string
+}
+variable "oauth_enforce_pkce" {
+  type = bool
+}
+variable "oauth_issue_refresh_tokens" {
+  type = bool
+}
+variable "oauth_redirect_uri" {
+  type = string
+}
+variable "oauth_refresh_token_validity" {
+  type = number
+}
+variable "oauth_use_secondary_roles" {
+  type = string
+}
+variable "pre_authorized_roles_list" {
+  type = set(string)
+}
diff --git a/...es/testdata/TestAcc_SecurityIntegrations/oauth_for_custom_clients/optionals_unset/test.tf b/...es/testdata/TestAcc_SecurityIntegrations/oauth_for_custom_clients/optionals_unset/test.tf
@@ -0,0 +1,25 @@
+resource "snowflake_oauth_integration_for_custom_clients" "test" {
+  blocked_roles_list               = var.blocked_roles_list
+  comment                          = var.comment
+  enabled                          = var.enabled
+  name                             = var.name
+  network_policy                   = var.network_policy
+  oauth_allow_non_tls_redirect_uri = var.oauth_allow_non_tls_redirect_uri
+  oauth_client_rsa_public_key      = var.oauth_client_rsa_public_key
+  oauth_client_rsa_public_key_2    = var.oauth_client_rsa_public_key_2
+  oauth_client_type                = var.oauth_client_type
+  oauth_enforce_pkce               = var.oauth_enforce_pkce
+  oauth_issue_refresh_tokens       = var.oauth_issue_refresh_tokens
+  oauth_redirect_uri               = var.oauth_redirect_uri
+  oauth_refresh_token_validity     = var.oauth_refresh_token_validity
+  oauth_use_secondary_roles        = var.oauth_use_secondary_roles
+  pre_authorized_roles_list        = var.pre_authorized_roles_list
+}
+
+
+data "snowflake_security_integrations" "test" {
+  depends_on = [snowflake_oauth_integration_for_custom_clients.test]
+
+  with_describe = false
+  like          = var.name
+}
diff --git a/...stdata/TestAcc_SecurityIntegrations/oauth_for_custom_clients/optionals_unset/variables.tf b/...stdata/TestAcc_SecurityIntegrations/oauth_for_custom_clients/optionals_unset/variables.tf
@@ -0,0 +1,46 @@
+
+variable "blocked_roles_list" {
+  type = set(string)
+}
+variable "comment" {
+  type = string
+}
+variable "enabled" {
+  type = bool
+}
+variable "name" {
+  type = string
+}
+variable "network_policy" {
+  type = string
+}
+variable "oauth_allow_non_tls_redirect_uri" {
+  type = bool
+}
+variable "oauth_client_rsa_public_key" {
+  type = string
+}
+variable "oauth_client_rsa_public_key_2" {
+  type = string
+}
+variable "oauth_client_type" {
+  type = string
+}
+variable "oauth_enforce_pkce" {
+  type = bool
+}
+variable "oauth_issue_refresh_tokens" {
+  type = bool
+}
+variable "oauth_redirect_uri" {
+  type = string
+}
+variable "oauth_refresh_token_validity" {
+  type = number
+}
+variable "oauth_use_secondary_roles" {
+  type = string
+}
+variable "pre_authorized_roles_list" {
+  type = set(string)
+}
diff --git a/...estdata/TestAcc_SecurityIntegrations/oauth_for_partner_applications/optionals_set/test.tf b/...estdata/TestAcc_SecurityIntegrations/oauth_for_partner_applications/optionals_set/test.tf
@@ -0,0 +1,16 @@
+resource "snowflake_oauth_integration_for_partner_applications" "test" {
+  name                         = var.name
+  oauth_client                 = var.oauth_client
+  blocked_roles_list           = var.blocked_roles_list
+  enabled                      = var.enabled
+  oauth_issue_refresh_tokens   = var.oauth_issue_refresh_tokens
+  oauth_refresh_token_validity = var.oauth_refresh_token_validity
+  oauth_use_secondary_roles    = var.oauth_use_secondary_roles
+  comment                      = var.comment
+}
+
+data "snowflake_security_integrations" "test" {
+  depends_on = [snowflake_oauth_integration_for_partner_applications.test]
+
+  like = var.name
+}
diff --git a/...ta/TestAcc_SecurityIntegrations/oauth_for_partner_applications/optionals_set/variables.tf b/...ta/TestAcc_SecurityIntegrations/oauth_for_partner_applications/optionals_set/variables.tf
@@ -0,0 +1,24 @@
+variable "name" {
+  type = string
+}
+variable "oauth_client" {
+  type = string
+}
+variable "blocked_roles_list" {
+  type = set(string)
+}
+variable "enabled" {
+  type = string
+}
+variable "oauth_issue_refresh_tokens" {
+  type = string
+}
+variable "oauth_refresh_token_validity" {
+  type = string
+}
+variable "oauth_use_secondary_roles" {
+  type = string
+}
+variable "comment" {
+  type = string
+}
diff --git a/...tdata/TestAcc_SecurityIntegrations/oauth_for_partner_applications/optionals_unset/test.tf b/...tdata/TestAcc_SecurityIntegrations/oauth_for_partner_applications/optionals_unset/test.tf
@@ -0,0 +1,17 @@
+resource "snowflake_oauth_integration_for_partner_applications" "test" {
+  name                         = var.name
+  oauth_client                 = var.oauth_client
+  blocked_roles_list           = var.blocked_roles_list
+  enabled                      = var.enabled
+  oauth_issue_refresh_tokens   = var.oauth_issue_refresh_tokens
+  oauth_refresh_token_validity = var.oauth_refresh_token_validity
+  oauth_use_secondary_roles    = var.oauth_use_secondary_roles
+  comment                      = var.comment
+}
+
+data "snowflake_security_integrations" "test" {
+  depends_on = [snowflake_oauth_integration_for_partner_applications.test]
+
+  with_describe = false
+  like          = var.name
+}
diff --git a/.../TestAcc_SecurityIntegrations/oauth_for_partner_applications/optionals_unset/variables.tf b/.../TestAcc_SecurityIntegrations/oauth_for_partner_applications/optionals_unset/variables.tf
@@ -0,0 +1,24 @@
+variable "name" {
+  type = string
+}
+variable "oauth_client" {
+  type = string
+}
+variable "blocked_roles_list" {
+  type = set(string)
+}
+variable "enabled" {
+  type = string
+}
+variable "oauth_issue_refresh_tokens" {
+  type = string
+}
+variable "oauth_refresh_token_validity" {
+  type = string
+}
+variable "oauth_use_secondary_roles" {
+  type = string
+}
+variable "comment" {
+  type = string
+}
diff --git a/pkg/helpers/helpers.go b/pkg/helpers/helpers.go
@@ -151,3 +151,12 @@ func MergeMaps[M ~map[K]V, K comparable, V any](src ...M) M {
 	}
 	return merged
 }
+
+// TODO: use slices.Concat in Go 1.22
+func ConcatSlices[T any](slices ...[]T) []T {
+	var tmp []T
+	for _, s := range slices {
+		tmp = append(tmp, s...)
+	}
+	return tmp
+}