passing int tests

pkg/sdk/authentication_policies_def.go

@@ -170,10 +170,10 @@ var (
 			g.DescriptionMappingKindSlice,
 			"https://docs.snowflake.com/en/sql-reference/sql/desc-authentication-policy",
 			g.DbStruct("describeAuthenticationPolicyDBRow").
-				Field("name", "string").
+				Field("property", "string").
 				Field("value", "string"),
 			g.PlainStruct("AuthenticationPolicyDescription").
-				Field("Name", "string").
+				Field("Property", "string").
 				Field("Value", "string"),
 			g.NewQueryStruct("DescribeAuthenticationPolicy").
 				Describe().

pkg/sdk/authentication_policies_gen.go

@@ -114,11 +114,11 @@ type DescribeAuthenticationPolicyOptions struct {
 	name                 SchemaObjectIdentifier `ddl:"identifier"`
 }
 type describeAuthenticationPolicyDBRow struct {
-	Name  string `db:"name"`
+	Property  string `db:"property"`
 	Value string `db:"value"`
 }
 type AuthenticationPolicyDescription struct {
-	Name  string
+	Property  string
 	Value string
 }
 

pkg/sdk/authentication_policies_impl_gen.go

@@ -134,6 +134,7 @@ func (r showAuthenticationPolicyDBRow) convert() *AuthenticationPolicy {
 		Owner:         r.Owner,
 		OwnerRoleType: r.OwnerRoleType,
 		Options:       r.Options,
+		Comment:       r.Comment,
 	}
 }
 
@@ -146,7 +147,7 @@ func (r *DescribeAuthenticationPolicyRequest) toOpts() *DescribeAuthenticationPo
 
 func (r describeAuthenticationPolicyDBRow) convert() *AuthenticationPolicyDescription {
 	return &AuthenticationPolicyDescription{
-		Name:  r.Name,
+		Property:  r.Property,
 		Value: r.Value,
 	}
 }

pkg/sdk/testint/authentication_policies_gen_integration_test.go

@@ -1,6 +1,7 @@
 package testint
 
 import (
+	"fmt"
 	"testing"
 
 	"github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/acceptance/helpers/random"
@@ -13,6 +14,7 @@ import (
 func TestInt_AuthenticationPolicies(t *testing.T) {
 	client := testClient(t)
 	ctx := testContext(t)
+	cert := random.GenerateX509(t)
 
 	assertAuthenticationPolicy := func(t *testing.T, authenticationPolicy *sdk.AuthenticationPolicy, id sdk.SchemaObjectIdentifier, expectedComment string) {
 		t.Helper()
@@ -28,11 +30,19 @@ func TestInt_AuthenticationPolicies(t *testing.T) {
 
 	cleanupAuthenticationPolicyProvider := func(id sdk.SchemaObjectIdentifier) func() {
 		return func() {
-			err := client.AuthenticationPolicies.Drop(ctx, sdk.NewDropAuthenticationPolicyRequest(id))
+			err := client.AuthenticationPolicies.Drop(ctx, sdk.NewDropAuthenticationPolicyRequest(id).WithIfExists(true))
 			require.NoError(t, err)
 		}
 	}
 
+	cleanupSecurityIntegration := func(t *testing.T, id sdk.AccountObjectIdentifier) {
+		t.Helper()
+		t.Cleanup(func() {
+			err := client.SecurityIntegrations.Drop(ctx, sdk.NewDropSecurityIntegrationRequest(id).WithIfExists(true))
+			assert.NoError(t, err)
+		})
+	}
+
 	createAuthenticationPolicy := func(t *testing.T) *sdk.AuthenticationPolicy {
 		t.Helper()
 		id := testClientHelper().Ids.RandomSchemaObjectIdentifier()
@@ -55,6 +65,23 @@ func TestInt_AuthenticationPolicies(t *testing.T) {
 			WithComment(comment)
 	}
 
+	createSAML2Integration := func(t *testing.T, with func(*sdk.CreateSaml2SecurityIntegrationRequest)) sdk.AccountObjectIdentifier {
+		t.Helper()
+		id := testClientHelper().Ids.RandomAccountObjectIdentifier()
+		issuer := testClientHelper().Ids.Alpha()
+		saml2Req := sdk.NewCreateSaml2SecurityIntegrationRequest(id, issuer, "https://example.com", sdk.Saml2SecurityIntegrationSaml2ProviderCustom, cert)
+		if with != nil {
+			with(saml2Req)
+		}
+		err := client.SecurityIntegrations.CreateSaml2(ctx, saml2Req)
+		require.NoError(t, err)
+		cleanupSecurityIntegration(t, id)
+		_, showErr := client.SecurityIntegrations.ShowByID(ctx, id)
+		require.NoError(t, showErr)
+
+		return id
+	}
+
 	t.Run("Create", func(t *testing.T) {
 		id := testClientHelper().Ids.RandomSchemaObjectIdentifier()
 		comment := random.Comment()
@@ -84,7 +111,7 @@ func TestInt_AuthenticationPolicies(t *testing.T) {
 
 		desc, err := client.AuthenticationPolicies.Describe(ctx, req.GetName())
 		require.NoError(t, err)
-		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Name: "AUTHENTICATION_METHODS", Value: "[PASSWORD]"})
+		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Property: "AUTHENTICATION_METHODS", Value: "[PASSWORD]"})
 	})
 
 	t.Run("Alter - set client types", func(t *testing.T) {
@@ -98,21 +125,24 @@ func TestInt_AuthenticationPolicies(t *testing.T) {
 
 		desc, err := client.AuthenticationPolicies.Describe(ctx, req.GetName())
 		require.NoError(t, err)
-		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Name: "CLIENT_TYPES", Value: "[DRIVERS, SNOWSQL]"})
+		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Property: "CLIENT_TYPES", Value: "[DRIVERS, SNOWSQL]"})
 	})
 
 	t.Run("Alter - set security integrations", func(t *testing.T) {
+		secId := createSAML2Integration(t, func(r *sdk.CreateSaml2SecurityIntegrationRequest) {
+			r.WithEnabled(true)
+		})
 		req := defaultCreateRequest()
 		err := client.AuthenticationPolicies.Create(ctx, req)
 		t.Cleanup(cleanupAuthenticationPolicyProvider(req.GetName()))
 
 		alterErr := client.AuthenticationPolicies.Alter(ctx, sdk.NewAlterAuthenticationPolicyRequest(req.GetName()).
-			WithSet(*sdk.NewAuthenticationPolicySetRequest().WithSecurityIntegrations([]sdk.SecurityIntegrationsOption{{Name: "sec-integration"}})))
+			WithSet(*sdk.NewAuthenticationPolicySetRequest().WithSecurityIntegrations([]sdk.SecurityIntegrationsOption{{Name: secId.Name()}})))
 		require.NoError(t, alterErr)
 
 		desc, err := client.AuthenticationPolicies.Describe(ctx, req.GetName())
 		require.NoError(t, err)
-		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Name: "SECURITY_INTEGRATIONS", Value: "[sec-integration]"})
+		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Property: "SECURITY_INTEGRATIONS", Value: fmt.Sprintf("[%s]", secId.Name())})
 	})
 
 	t.Run("Alter - set mfa authentication methods", func(t *testing.T) {
@@ -126,7 +156,7 @@ func TestInt_AuthenticationPolicies(t *testing.T) {
 
 		desc, err := client.AuthenticationPolicies.Describe(ctx, req.GetName())
 		require.NoError(t, err)
-		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Name: "MFA_AUTHENTICATION_METHODS", Value: "[PASSWORD]"})
+		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Property: "MFA_AUTHENTICATION_METHODS", Value: "[PASSWORD]"})
 	})
 
 	t.Run("Alter - set mfa enrollment", func(t *testing.T) {
@@ -140,7 +170,7 @@ func TestInt_AuthenticationPolicies(t *testing.T) {
 
 		desc, err := client.AuthenticationPolicies.Describe(ctx, req.GetName())
 		require.NoError(t, err)
-		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Name: "MFA_ENROLLMENT", Value: "REQUIRED"})
+		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Property: "MFA_ENROLLMENT", Value: "REQUIRED"})
 	})
 
 	t.Run("Alter - set comment", func(t *testing.T) {
@@ -154,7 +184,7 @@ func TestInt_AuthenticationPolicies(t *testing.T) {
 
 		desc, err := client.AuthenticationPolicies.Describe(ctx, req.GetName())
 		require.NoError(t, err)
-		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Name: "COMMENT", Value: "new comment"})
+		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Property: "COMMENT", Value: "new comment"})
 	})
 
 	t.Run("Alter - unset authentication methods", func(t *testing.T) {
@@ -168,7 +198,7 @@ func TestInt_AuthenticationPolicies(t *testing.T) {
 
 		desc, err := client.AuthenticationPolicies.Describe(ctx, req.GetName())
 		require.NoError(t, err)
-		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Name: "AUTHENTICATION_METHODS", Value: "[]"})
+		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Property: "AUTHENTICATION_METHODS", Value: "[ALL]"})
 	})
 
 	t.Run("Alter - unset client types", func(t *testing.T) {
@@ -182,7 +212,7 @@ func TestInt_AuthenticationPolicies(t *testing.T) {
 
 		desc, err := client.AuthenticationPolicies.Describe(ctx, req.GetName())
 		require.NoError(t, err)
-		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Name: "CLIENT_TYPES", Value: "[]"})
+		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Property: "CLIENT_TYPES", Value: "[ALL]"})
 	})
 
 	t.Run("Alter - unset security integrations", func(t *testing.T) {
@@ -196,7 +226,7 @@ func TestInt_AuthenticationPolicies(t *testing.T) {
 
 		desc, err := client.AuthenticationPolicies.Describe(ctx, req.GetName())
 		require.NoError(t, err)
-		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Name: "SECURITY_INTEGRATIONS", Value: "[]"})
+		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Property: "SECURITY_INTEGRATIONS", Value: "[ALL]"})
 	})
 
 	t.Run("Alter - unset mfa authentication methods", func(t *testing.T) {
@@ -210,7 +240,7 @@ func TestInt_AuthenticationPolicies(t *testing.T) {
 
 		desc, err := client.AuthenticationPolicies.Describe(ctx, req.GetName())
 		require.NoError(t, err)
-		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Name: "MFA_AUTHENTICATION_METHODS", Value: "[]"})
+		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Property: "MFA_AUTHENTICATION_METHODS", Value: "[PASSWORD, SAML]"})
 	})
 
 	t.Run("Alter - unset mfa enrollment", func(t *testing.T) {
@@ -224,7 +254,7 @@ func TestInt_AuthenticationPolicies(t *testing.T) {
 
 		desc, err := client.AuthenticationPolicies.Describe(ctx, req.GetName())
 		require.NoError(t, err)
-		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Name: "MFA_ENROLLMENT", Value: ""})
+		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Property: "MFA_ENROLLMENT", Value: "OPTIONAL"})
 	})
 
 	t.Run("Alter - unset comment", func(t *testing.T) {
@@ -238,22 +268,22 @@ func TestInt_AuthenticationPolicies(t *testing.T) {
 
 		desc, err := client.AuthenticationPolicies.Describe(ctx, req.GetName())
 		require.NoError(t, err)
-		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Name: "SECURITY_INTEGRATIONS", Value: ""})
+		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Property: "COMMENT", Value: "null"})
 	})
 
 	t.Run("Alter - rename", func(t *testing.T) {
 		req := defaultCreateRequest()
-		err := client.AuthenticationPolicies.Create(ctx, req)
+		client.AuthenticationPolicies.Create(ctx, req)
 		t.Cleanup(cleanupAuthenticationPolicyProvider(req.GetName()))
 
 		newId := testClientHelper().Ids.RandomSchemaObjectIdentifier()
+		t.Cleanup(cleanupAuthenticationPolicyProvider(newId))
 		alterErr := client.AuthenticationPolicies.Alter(ctx, sdk.NewAlterAuthenticationPolicyRequest(req.GetName()).
 			WithRenameTo(newId))
 		require.NoError(t, alterErr)
 
-		desc, err := client.AuthenticationPolicies.Show(ctx, sdk.NewShowAuthenticationPolicyRequest())
-		require.NoError(t, err)
-		assert.Equal(t, 1, len(desc))
+		_, descErr := client.AuthenticationPolicies.Describe(ctx, req.GetName())
+		assert.ErrorIs(t, descErr, sdk.ErrObjectNotExistOrAuthorized)
 	})
 
 	t.Run("Drop: existing", func(t *testing.T) {
@@ -294,7 +324,7 @@ func TestInt_AuthenticationPolicies(t *testing.T) {
 		desc, err := client.AuthenticationPolicies.Describe(ctx, request.GetName())
 		require.NoError(t, err)
 
-		assert.Equal(t, 2, len(desc))
-		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Name: "COMMENT", Value: "some comment"})
+		assert.Equal(t, 8, len(desc))
+		assert.Contains(t, desc, sdk.AuthenticationPolicyDescription{Property: "COMMENT", Value: "some_comment"})
 	})
 }