diff --git a/pkg/manual_tests/README.md b/pkg/manual_tests/README.md index 69fc83e54d..64222ee991 100644 --- a/pkg/manual_tests/README.md +++ b/pkg/manual_tests/README.md @@ -5,4 +5,5 @@ Every test should be placed in the subfolder representing a particular test (mos and should contain a file describing the manual steps to perform the test. Here's the list of cases we currently cannot reproduce and write acceptance tests for: -- `user_default_database_and_role`: Setting up a user with default_namespace and default_role, then logging into that user to see what happens with those values in various scenarios (e.g. insufficient privileges on the role). \ No newline at end of file +- `user_default_database_and_role`: Setting up a user with default_namespace and default_role, then logging into that user to see what happens with those values in various scenarios (e.g. insufficient privileges on the role). +- `authentication_methods`: Some of the authentication methods require manual steps, like confirming MFA or setting more dependencies. diff --git a/pkg/provider/manual_tests/README.md b/pkg/manual_tests/authentication_methods/README.md similarity index 77% rename from pkg/provider/manual_tests/README.md rename to pkg/manual_tests/authentication_methods/README.md index 853dd16ba7..99d9d548b5 100644 --- a/pkg/provider/manual_tests/README.md +++ b/pkg/manual_tests/authentication_methods/README.md @@ -1,17 +1,17 @@ -# Manual tests +# Authentication methods manual tests -This directory is dedicated to hold steps for manual provider tests that are not possible to re-recreate in automated tests (or very hard to set up). These tests are disabled by default and require `TEST_SF_TF_ENABLE_MANUAL_TESTS` environmental variable to be set. +This directory is dedicated to hold steps for manual authentication methods tests in the provider that are not possible to re-recreate in automated tests (or very hard to set up). These tests are disabled by default and require `TEST_SF_TF_ENABLE_MANUAL_TESTS` environmental variable to be set. ## Okta authenticator test This test checks `Okta` authenticator option. It requires manual steps because of additional setup on Okta side. It assumes that `default` profile uses a standard values of account name, user, password, etc. 1. Set up a developer Okta account [here](https://developer.okta.com/signup/). -1. Go to admin panel and select Applications -> Create App Integration. -1. Create a new application with SAML 2.0 type and give it a unique name -1. Fill SAML settings - paste the URLs for the testing accounts, like `https://example.snowflakecomputing.com/fed/login` for Single sign on URL, Recipient URL, Destination URL and Audience URI (SP Entity ID) -1. Click Next and Finish -1. After the app gets created, click View SAML setup instructions -1. Save the values provided: IDP SSO URL, IDP Issuer, and X509 certificate -1. Create a new security integration in Snowflake: +2. Go to admin panel and select Applications -> Create App Integration. +3. Create a new application with SAML 2.0 type and give it a unique name +4. Fill SAML settings - paste the URLs for the testing accounts, like `https://example.snowflakecomputing.com/fed/login` for Single sign on URL, Recipient URL, Destination URL and Audience URI (SP Entity ID) +5. Click Next and Finish +6. After the app gets created, click View SAML setup instructions +7. Save the values provided: IDP SSO URL, IDP Issuer, and X509 certificate +8. Create a new security integration in Snowflake: ``` CREATE SECURITY INTEGRATION MyIDP TYPE=SAML2 @@ -23,8 +23,8 @@ SAML2_SP_INITIATED_LOGIN_PAGE_LABEL='myidp - okta' SAML2_ENABLE_SP_INITIATED=false SAML2_X509_CERT=''; ``` -1. Note that Snowflake and Okta login name must match, otherwise create a temporary user with a login name matching the one in Okta. -1. Prepare a TOML config like: +9. Note that Snowflake and Okta login name must match, otherwise create a temporary user with a login name matching the one in Okta. +10. Prepare a TOML config like: ``` [okta] organizationname='ORGANIZATION_NAME' @@ -33,7 +33,7 @@ user='LOGIN_NAME' # This is a value used to login in Okta password='PASSWORD' # This is a password in Okta oktaurl='https://dev-123456.okta.com' # URL of your Okta environment ``` -1. Run the tests - you should be able to authenticate with Okta. +11. Run the tests - you should be able to authenticate with Okta. ## UsernamePasswordMFA authenticator test diff --git a/pkg/provider/manual_tests/auth_test.go b/pkg/manual_tests/authentication_methods/auth_test.go similarity index 100% rename from pkg/provider/manual_tests/auth_test.go rename to pkg/manual_tests/authentication_methods/auth_test.go diff --git a/pkg/provider/provider_acceptance_test.go b/pkg/provider/provider_acceptance_test.go index 97e45b0734..5369ada5c6 100644 --- a/pkg/provider/provider_acceptance_test.go +++ b/pkg/provider/provider_acceptance_test.go @@ -221,7 +221,7 @@ func TestAcc_Provider_tomlConfig(t *testing.T) { Token: "token", KeepSessionAlive: true, DisableTelemetry: true, - Tracing: "info", + Tracing: string(sdk.DriverLogLevelInfo), TmpDirPath: ".", ClientRequestMfaToken: gosnowflake.ConfigBoolTrue, ClientStoreTemporaryCredential: gosnowflake.ConfigBoolTrue, @@ -229,6 +229,7 @@ func TestAcc_Provider_tomlConfig(t *testing.T) { IncludeRetryReason: gosnowflake.ConfigBoolTrue, DisableConsoleLogin: gosnowflake.ConfigBoolTrue, }, config) + assert.Equal(t, string(sdk.DriverLogLevelInfo), gosnowflake.GetLogger().GetLogLevel()) return nil }, @@ -296,7 +297,7 @@ func TestAcc_Provider_envConfig(t *testing.T) { t.Setenv(snowflakeenvs.DisableQueryContextCache, "false") t.Setenv(snowflakeenvs.IncludeRetryReason, "false") t.Setenv(snowflakeenvs.MaxRetryCount, "2") - t.Setenv(snowflakeenvs.DriverTracing, "debug") + t.Setenv(snowflakeenvs.DriverTracing, string(sdk.DriverLogLevelDebug)) t.Setenv(snowflakeenvs.TmpDirectoryPath, "../") t.Setenv(snowflakeenvs.DisableConsoleLogin, "false") }, @@ -333,7 +334,7 @@ func TestAcc_Provider_envConfig(t *testing.T) { Token: "token", KeepSessionAlive: true, DisableTelemetry: true, - Tracing: "debug", + Tracing: string(sdk.DriverLogLevelDebug), TmpDirPath: "../", ClientRequestMfaToken: gosnowflake.ConfigBoolFalse, ClientStoreTemporaryCredential: gosnowflake.ConfigBoolFalse, @@ -341,6 +342,7 @@ func TestAcc_Provider_envConfig(t *testing.T) { IncludeRetryReason: gosnowflake.ConfigBoolFalse, DisableConsoleLogin: gosnowflake.ConfigBoolFalse, }, config) + assert.Equal(t, string(sdk.DriverLogLevelDebug), gosnowflake.GetLogger().GetLogLevel()) return nil }, @@ -408,7 +410,7 @@ func TestAcc_Provider_tfConfig(t *testing.T) { t.Setenv(snowflakeenvs.DisableQueryContextCache, "false") t.Setenv(snowflakeenvs.IncludeRetryReason, "false") t.Setenv(snowflakeenvs.MaxRetryCount, "2") - t.Setenv(snowflakeenvs.DriverTracing, "debug") + t.Setenv(snowflakeenvs.DriverTracing, string(sdk.DriverLogLevelDebug)) t.Setenv(snowflakeenvs.TmpDirectoryPath, "../") t.Setenv(snowflakeenvs.DisableConsoleLogin, "false") }, @@ -445,7 +447,7 @@ func TestAcc_Provider_tfConfig(t *testing.T) { Token: "token", KeepSessionAlive: true, DisableTelemetry: true, - Tracing: "info", + Tracing: string(sdk.DriverLogLevelInfo), TmpDirPath: "../../", ClientRequestMfaToken: gosnowflake.ConfigBoolTrue, ClientStoreTemporaryCredential: gosnowflake.ConfigBoolTrue, @@ -453,6 +455,7 @@ func TestAcc_Provider_tfConfig(t *testing.T) { IncludeRetryReason: gosnowflake.ConfigBoolTrue, DisableConsoleLogin: gosnowflake.ConfigBoolTrue, }, config) + assert.Equal(t, string(sdk.DriverLogLevelInfo), gosnowflake.GetLogger().GetLogLevel()) return nil }, diff --git a/pkg/sdk/client.go b/pkg/sdk/client.go index a0cb338c17..8f6d66c8a4 100644 --- a/pkg/sdk/client.go +++ b/pkg/sdk/client.go @@ -14,14 +14,10 @@ import ( "github.com/snowflakedb/gosnowflake" ) -var ( - instrumentedSQL bool - gosnowflakeLoggingLevel string -) +var instrumentedSQL bool func init() { instrumentedSQL = os.Getenv(snowflakeenvs.NoInstrumentedSql) == "" - gosnowflakeLoggingLevel = os.Getenv(snowflakeenvs.DriverTracing) } type Client struct {