Skip to content

Commit

Permalink
SNOW-1728000 Switch to key with no password
Browse files Browse the repository at this point in the history
  • Loading branch information
sfc-gh-mbobowski committed Nov 6, 2024
1 parent c33d196 commit a988384
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 41 deletions.
Binary file modified .github/scripts/profile.json.gpg
Binary file not shown.
31 changes: 0 additions & 31 deletions test/test_suit/test_utils.py
Original file line number Diff line number Diff line change
Expand Up @@ -28,34 +28,3 @@ class NonRetryableError(Error):

def __init__(self, msg=""):
self.msg = msg


def parsePrivateKey(pk, pk_passphrase):
pkpass = None
if len(pk_passphrase) != 0:
pkpass = pk_passphrase.encode()

# remove header, footer, and line breaks
pk = re.sub("-+[A-Za-z ]+-+", "", pk)
pk = re.sub("\\s", "", pk)

pkBuilder = ""
pkBuilder += "-----BEGIN ENCRYPTED PRIVATE KEY-----"
for i, c in enumerate(pk):
if i % 64 == 0:
pkBuilder += "\n"
pkBuilder += c
pkBuilder += "\n-----END ENCRYPTED PRIVATE KEY-----"

p_key = serialization.load_pem_private_key(
pkBuilder.encode(),
password=pkpass,
backend=default_backend()
)

pkb = p_key.private_bytes(
encoding=serialization.Encoding.DER,
format=serialization.PrivateFormat.PKCS8,
encryption_algorithm=serialization.NoEncryption())

return pkb
13 changes: 3 additions & 10 deletions test/test_verify.py
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
import time

import test_suit
from test_suit.test_utils import parsePrivateKey, RetryableError
from test_suit.test_utils import RetryableError

from cloud_platform import CloudPlatform

Expand Down Expand Up @@ -57,8 +57,7 @@ def __init__(self, kafkaAddress, schemaRegistryAddress, kafkaConnectAddress, cre
testDatabase = credentialJson["database"]
testSchema = credentialJson["schema"]
testWarehouse = credentialJson["warehouse"]
pk = credentialJson["encrypted_private_key"]
pk_passphrase = credentialJson["private_key_passphrase"]
pk = credentialJson["private_key"]

self.TEST_DATA_FOLDER = "./test_data/"
self.httpHeader = {'Content-type': 'application/json', 'Accept': 'application/json'}
Expand Down Expand Up @@ -103,10 +102,9 @@ def __init__(self, kafkaAddress, schemaRegistryAddress, kafkaConnectAddress, cre
print(datetime.now().strftime("%H:%M:%S "),
"Format error in 'host' field at profile.json, expecting account.snowflakecomputing.com:443")

pkb = parsePrivateKey(pk, pk_passphrase)
self.snowflake_conn = snowflake.connector.connect(
user=testUser,
private_key=pkb,
private_key=pk,
account=account[0][:-19],
warehouse=testWarehouse,
database=testDatabase,
Expand Down Expand Up @@ -399,8 +397,6 @@ def createConnector(self, fileName, nameSalt):
testDatabase = credentialJson["database"]
testSchema = credentialJson["schema"]
pk = credentialJson["private_key"]
# Use Encrypted key if passphrase is non empty
pkEncrypted = credentialJson["encrypted_private_key"]

print(datetime.now().strftime("\n%H:%M:%S "),
"=== generate sink connector rest request from {} ===".format(rest_template_path))
Expand All @@ -413,9 +409,6 @@ def createConnector(self, fileName, nameSalt):
"=== Connector Config JSON: {}, Connector Name: {} ===".format(fileName, snowflake_connector_name))
with open("{}/{}".format(rest_template_path, fileName), 'r') as f:
fileContent = f.read()
# Template has passphrase, use the encrypted version of P8 Key
if fileContent.find("snowflake.private.key.passphrase") != -1:
pk = pkEncrypted

fileContent = fileContent \
.replace("SNOWFLAKE_PRIVATE_KEY", pk) \
Expand Down

0 comments on commit a988384

Please sign in to comment.