remove unused objects

dbt-labs · May 24, 2024 · 35a4c39 · 35a4c39
1 parent d488576
commit 35a4c39
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 54 deletions.
diff --git a/infra/main.tf b/infra/main.tf
@@ -8,3 +8,12 @@ terraform {
     }
   }
 }
+
+provider "snowflake" {
+  alias = "security_admin"
+  role  = "SECURITYADMIN"
+  # SNOWFLAKE_ACCOUNT
+  # SNOWFLAKE_USER
+  # SNOWFLAKE_AUTHENTICATOR
+  # SNOWFLAKE_PRIVATE_KEY
+}
diff --git a/infra/snowflake.tf b/infra/snowflake.tf
@@ -1,101 +1,71 @@
-provider "snowflake" {
-  alias = "security_admin"
-  role  = "SECURITYADMIN"
-  # SNOWFLAKE_ACCOUNT
-  # SNOWFLAKE_USER
-  # SNOWFLAKE_AUTHENTICATOR
-  # SNOWFLAKE_PRIVATE_KEY
-}
-
 # Resources needed to run dbt-snowflake
 
-resource "snowflake_database" "database" {
+resource "snowflake_database" "dbt_snowflake_db" {
   name                        = "DBT_SNOWFLAKE_DB"
   data_retention_time_in_days = 0
   comment                     = "Used by `dbt-snowflake` for CI"
 }
 
-resource "snowflake_warehouse" "warehouse" {
+resource "snowflake_warehouse" "dbt_snowflake_wh" {
   name           = "DBT_SNOWFLAKE_WH"
   warehouse_size = "XSMALL"
   auto_suspend   = 60
   comment        = "Used by `dbt-snowflake` for CI"
 }
 
-resource "snowflake_role" "role" {
+resource "snowflake_role" "dbt_snowflake_role" {
   provider = snowflake.security_admin
   name     = "DBT_SNOWFLAKE_ROLE"
   comment  = "Application role for `dbt_snowflake`"
 }
 
-resource "snowflake_grant_privileges_to_account_role" "database_grant" {
+resource "snowflake_grant_privileges_to_account_role" "dbt_snowflake_db" {
   provider          = snowflake.security_admin
   privileges        = ["USAGE", "MODIFY", "CREATE SCHEMA"]
-  account_role_name = snowflake_role.role.name
+  account_role_name = snowflake_role.dbt_snowflake_role.name
 
   on_account_object {
     object_type = "DATABASE"
-    object_name = snowflake_database.database.name
+    object_name = snowflake_database.dbt_snowflake_db.name
   }
 }
 
-resource "snowflake_grant_privileges_to_account_role" "warehouse_grant" {
+resource "snowflake_grant_privileges_to_account_role" "dbt_snowflake_wh" {
   provider          = snowflake.security_admin
   privileges        = ["USAGE"]
-  account_role_name = snowflake_role.role.name
+  account_role_name = snowflake_role.dbt_snowflake_role.name
 
   on_account_object {
     object_type = "WAREHOUSE"
-    object_name = snowflake_warehouse.warehouse.name
+    object_name = snowflake_warehouse.dbt_snowflake_wh.name
   }
 }
 
-resource "tls_private_key" "user" {
-  algorithm = "RSA"
-  rsa_bits  = 2048
-}
-
-resource "snowflake_user" "user" {
+resource "snowflake_user" "dbt_snowflake" {
   provider          = snowflake.security_admin
   name              = "DBT_SNOWFLAKE"
   display_name      = "dbt-snowflake"
-  rsa_public_key    = substr(tls_private_key.user.public_key_pem, 27, 398)
-  default_warehouse = snowflake_warehouse.warehouse.name
-  default_role      = snowflake_role.role.name
-  default_namespace = snowflake_database.database.name
+  default_warehouse = snowflake_warehouse.dbt_snowflake_wh.name
+  default_role      = snowflake_role.dbt_snowflake_role.name
+  default_namespace = snowflake_database.dbt_snowflake_db.name
   comment           = "Application user for `dbt_snowflake`"
 }
 
-resource "snowflake_grant_account_role" "role_grant" {
+resource "snowflake_grant_account_role" "dbt_snowflake" {
   provider  = snowflake.security_admin
-  role_name = snowflake_role.role.name
-  user_name = snowflake_user.user.name
-}
-
-output "dbt_snowflake_user_public_key" {
-  value = tls_private_key.user.public_key_pem
-}
-
-output "dbt_snowflake_user_private_key" {
-  value     = tls_private_key.user.private_key_pem
-  sensitive = true
+  role_name = snowflake_role.dbt_snowflake_role.name
+  user_name = snowflake_user.dbt_snowflake.name
 }
 
 # Additional resources required for integration tests
 
-resource "snowflake_database" "database_quoted" {
-  name                        = "DBT_SNOWFLAKE_DB_QUOTED"
-  data_retention_time_in_days = 0
-  comment                     = "Used by `dbt-snowflake` for CI"
-}
-
-resource "snowflake_database" "database_alt" {
+resource "snowflake_database" "dbt_snowflake_db_alt" {
   name                        = "DBT_SNOWFLAKE_DB_ALT"
   data_retention_time_in_days = 0
   comment                     = "Used by `dbt-snowflake` for CI"
 }
 
-resource "snowflake_warehouse" "warehouse_alt" {
+resource "snowflake_warehouse" "dbt_snowflake_wh_alt" {
   name           = "DBT_SNOWFLAKE_WH_ALT"
   warehouse_size = "XSMALL"
   auto_suspend   = 60

diff --git a/test.env.example b/test.env.example
@@ -15,7 +15,6 @@
 # SNOWFLAKE_TEST_OAUTH_CLIENT_SECRET: Client secret of your OAuth client id. (only for oauth authentication)
 # SNOWFLAKE_TEST_OAUTH_REFRESH_TOKEN: Boolean value defaulted to True keep connection alive. (only for oauth authentication)
 
-# SNOWFLAKE_TEST_QUOTED_DATABASE: Name of database to be used from warehouse.
 # SNOWFLAKE_TEST_ALT_DATABASE: Name of a secondary or alternate database to use for testing. You will need to create this database.
 # SNOWFLAKE_TEST_ALT_WAREHOUSE: Name of the secondary warehouse to use for testing.
 
@@ -30,10 +29,5 @@ SNOWFLAKE_TEST_OAUTH_CLIENT_ID=my_oauth_id
 SNOWFLAKE_TEST_OAUTH_CLIENT_SECRET=my_oauth_secret
 SNOWFLAKE_TEST_OAUTH_REFRESH_TOKEN=TRUE
 
-SNOWFLAKE_TEST_QUOTED_DATABASE=DBT_SNOWFLAKE_DB_QUOTED
 SNOWFLAKE_TEST_ALT_DATABASE=DBT_SNOWFLAKE_DB_ALT
 SNOWFLAKE_TEST_ALT_WAREHOUSE=DBT_SNOWFLAKE_WH_ALT
-
-DBT_TEST_USER_1=dbt_test_role_1
-DBT_TEST_USER_2=dbt_test_role_2
-DBT_TEST_USER_3=dbt_test_role_3