-
Notifications
You must be signed in to change notification settings - Fork 418
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Add support for default_secondary_roles #1030
Conversation
@sfc-gh-swinkler may I ask for activating GH actions for this PR pls? |
hello @mwiewior can you please rebase? |
hello @sfc-gh-swinkler done ! |
@sfc-gh-swinkler I've just spotted that some acceptance tests failed - will take a look and fix them. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks good, but if you could please provide some clarification that would be nice
pkg/resources/user.go
Outdated
@@ -200,6 +207,11 @@ func ReadUser(d *schema.ResourceData, meta interface{}) error { | |||
return err | |||
} | |||
|
|||
err = d.Set("default_secondary_roles", removeEmptyStrings(strings.Split(u.DefaultSecondaryRoles.String, ","))) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
unclear why there would be an empty string here
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@sfc-gh-swinkler ok, I refactored this one as well to make it more clear.
also can you please rebase? |
@sfc-gh-swinkler rebased as well |
Acceptance tests passed. |
@sfc-gh-swinkler could you pls take a look? |
/ok-to-test sha=283acef |
1 similar comment
/ok-to-test sha=283acef |
Integration tests success for 283acef |
Integration tests success for 283acef |
@mwiewior i am sorry but could you please rebase one more time? I just merged a different PR that that made this one out of date again. Everything else looks good to go for this PR though. |
@sfc-gh-swinkler thx ! I've just rebased. |
/ok-to-test sha=5344760 |
Integration tests success for 5344760 |
@mwiewior thank you for your contribution! |
@sfc-gh-swinkler thx for your valuable comments and help in getting it through! |
This to implement feature request #773
This feature is especially important if you use OAuth2 authentication mechanism with BI tool like Looker due to the
following limitation of this integration:
When using OAuth, you cannot switch to different roles in the Snowflake user account. As described in the Snowflake documentation, Snowflake uses the default role of the Snowflake user’s account, unless the default role is ACCOUNTADMIN or SECURITYADMIN. Because these roles are blocked for OAuth, Snowflake will instead use the PUBLIC role. See the Snowflake documentation for information.
Test Plan
References