diff --git a/CHANGELOG.md b/CHANGELOG.md index 24f85ee74..0cf7b5308 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +### [1.77.4](https://github.com/rudderlabs/rudder-config-schema/compare/v1.77.3...v1.77.4) (2024-06-20) + + +### Bug Fixes + +* snowflake key pair authentication for warehouse destination ([858a23b](https://github.com/rudderlabs/rudder-config-schema/commit/858a23b06cd48919a95f7c6ea8c71e92b4622fd4)) + ### [1.77.3](https://github.com/rudderlabs/rudder-config-schema/compare/v1.77.2...v1.77.3) (2024-06-19) diff --git a/package-lock.json b/package-lock.json index 1986a28ad..aaa5567c6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "rudder-config-schema", - "version": "1.77.3", + "version": "1.77.4", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "rudder-config-schema", - "version": "1.77.3", + "version": "1.77.4", "license": "MIT", "dependencies": { "ajv": "^8.12.0", diff --git a/package.json b/package.json index 5272490de..1821a0d8f 100755 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "rudder-config-schema", - "version": "1.77.3", + "version": "1.77.4", "description": "", "main": "src/index.ts", "private": true, diff --git a/src/configurations/destinations/snowflake/db-config.json b/src/configurations/destinations/snowflake/db-config.json index 133e020f7..18b4c6be8 100644 --- a/src/configurations/destinations/snowflake/db-config.json +++ b/src/configurations/destinations/snowflake/db-config.json @@ -65,7 +65,10 @@ "jsonPaths", "useRudderStorage", "oneTrustCookieCategories", - "ketchConsentPurposes" + "ketchConsentPurposes", + "useKeyPairAuth", + "privateKey", + "privateKeyPassphrase" ], "android": ["consentManagement", "connectionMode"], "ios": ["consentManagement", "connectionMode"], @@ -79,6 +82,14 @@ "cordova": ["consentManagement", "connectionMode"], "shopify": ["consentManagement", "connectionMode"] }, - "secretKeys": ["password", "accessKeyID", "accessKey", "accountKey", "sasToken"] + "secretKeys": [ + "password", + "accessKeyID", + "accessKey", + "accountKey", + "sasToken", + "privateKey", + "privateKeyPassphrase" + ] } } diff --git a/src/configurations/destinations/snowflake/schema.json b/src/configurations/destinations/snowflake/schema.json index 806992b37..1cc239512 100644 --- a/src/configurations/destinations/snowflake/schema.json +++ b/src/configurations/destinations/snowflake/schema.json @@ -1,15 +1,7 @@ { "configSchema": { "$schema": "http://json-schema.org/draft-07/schema#", - "required": [ - "account", - "database", - "warehouse", - "user", - "password", - "syncFrequency", - "useRudderStorage" - ], + "required": ["account", "database", "warehouse", "user", "syncFrequency", "useRudderStorage"], "type": "object", "properties": { "account": { @@ -32,7 +24,6 @@ "type": "string", "pattern": "(^\\{\\{.*\\|\\|(.*)\\}\\}$)|(^env[.].+)|^(.{0,100})$" }, - "password": { "type": "string", "pattern": "(^\\{\\{.*\\|\\|(.*)\\}\\}$)|(^env[.].+)|.*" }, "namespace": { "type": "string", "pattern": "(^\\{\\{.*\\|\\|(.*)\\}\\}$)|(^env[.].+)|^((?!pg_|PG_|pG_|Pg_).{0,64})$" @@ -58,6 +49,7 @@ "pattern": "(^\\{\\{.*\\|\\|(.*)\\}\\}$)|(^env[.].+)|^(.*)$" }, "useRudderStorage": { "type": "boolean", "default": false }, + "useKeyPairAuth": { "type": "boolean", "default": false }, "preferAppend": { "type": "boolean", "default": true }, "oneTrustCookieCategories": { "type": "array", @@ -530,6 +522,46 @@ } }, "allOf": [ + { + "if": { + "properties": { "useKeyPairAuth": { "const": false } }, + "required": ["useKeyPairAuth"] + }, + "then": { + "properties": { + "password": { + "type": "string", + "pattern": "(^\\{\\{.*\\|\\|(.*)\\}\\}$)|(^env[.].+)|.*" + }, + "useKeyPairAuth": { + "const": false + } + }, + "required": ["password"] + } + }, + { + "if": { + "properties": { "useKeyPairAuth": { "const": true } }, + "required": ["useKeyPairAuth"] + }, + "then": { + "properties": { + "privateKey": { + "type": "string", + "pattern": "(^\\{\\{.*\\|\\|(.*)\\}\\}$)|(^env[.].+)|-----BEGIN (?:ENCRYPTED )?PRIVATE KEY-----[\\s\\S]+?-----END (?:ENCRYPTED )?PRIVATE KEY-----" + }, + "privateKeyPassphrase": { + "type": "string", + "pattern": "(^\\{\\{.*\\|\\|(.*)\\}\\}$)|(^env[.].+)|^(.{0,100})$" + }, + "useKeyPairAuth": { + "const": true + } + }, + "required": ["privateKey", "useKeyPairAuth"] + } + }, { "if": { "properties": { "useRudderStorage": { "const": false } }, @@ -675,6 +707,7 @@ ] } } - ] + ], + "additionalProperties": true } } diff --git a/src/configurations/destinations/snowflake/ui-config.json b/src/configurations/destinations/snowflake/ui-config.json index 733bd2b0d..ef4f2df7d 100644 --- a/src/configurations/destinations/snowflake/ui-config.json +++ b/src/configurations/destinations/snowflake/ui-config.json @@ -48,6 +48,13 @@ "placeholder": "e.g: RUDDER_ROLE", "required": false }, + { + "type": "checkbox", + "label": "Use Key Pair Authentication", + "value": "useKeyPairAuth", + "default": false, + "required": false + }, { "type": "textInput", "label": "Password", @@ -55,8 +62,27 @@ "regex": "(^\\{\\{.*\\|\\|(.*)\\}\\}$)|(^env[.].+)|.*", "placeholder": "e.g: RUDDER_PASSWORD", "required": true, + "secret": true, + "preRequisiteField": { "name": "useKeyPairAuth", "selectedValue": false } + }, + { + "type": "textareaInput", + "required": true, + "regex": "-----BEGIN (?:ENCRYPTED )?PRIVATE KEY-----[\\s\\S]+?-----END (?:ENCRYPTED )?PRIVATE KEY-----", + "preRequisiteField": { "name": "useKeyPairAuth", "selectedValue": true }, + "label": "Private Key", + "value": "privateKey", "secret": true }, + { + "type": "textInput", + "regex": "^(.{0,100})$", + "secret": true, + "preRequisiteField": { "name": "useKeyPairAuth", "selectedValue": true }, + "label": "Private Key Passphrase", + "value": "privateKeyPassphrase", + "footerNote": "Use the password you set when encrypting the private key. Leave it blank if the private key is not encrypted." + }, { "type": "textInput", "label": "Namespace", diff --git a/test/data/validation/destinations/snowflake.json b/test/data/validation/destinations/snowflake.json index e99290d79..3f124905d 100644 --- a/test/data/validation/destinations/snowflake.json +++ b/test/data/validation/destinations/snowflake.json @@ -19,6 +19,116 @@ }, "result": true }, + { + "config": { + "account": "test-account", + "database": "test-database", + "warehouse": "test-warehouse", + "user": "test-user", + "password": "test-password", + "useKeyPairAuth": false, + "cloudProvider": "AWS", + "syncFrequency": "30", + "enableSSE": false, + "useRudderStorage": false, + "roleBasedAuth": false, + "prefix": "test-prefix", + "useSTSTokens": false, + "bucketName": "test-bucket", + "accessKeyID": "test-access-key-id", + "accessKey": "test-access-key" + }, + "result": true + }, + { + "config": { + "account": "test-account", + "database": "test-database", + "warehouse": "test-warehouse", + "user": "test-user", + "privateKey": "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDc8ZNXUnjd7MFh\nIxI/eNDivAgA/s9fpBkX4WqjL6rBY8iZdBChp5dGIePp4IZ8zUBLGPSZdmNqnMyP\n/jDF+AZelv31ZmTqYz3AZ+VrWFK/7ciZqIfQFsRLPIdeKZTx8HiY1Od9hlnqeU0F\nSFDSDEH2XIfhXYunz0PswJHz0W+mqw/IgfAnEvy1pguBHfKPaWMLNMy0luKcx3tg\nI13H4enG4MtMiX6MERFb3CZtmf4pMIyTAyOqFQ/GWEYNpOwtiBIHlpVIiYy8cNyx\nlyhoLtLUv6cCNJj3HonoeiUSyiOVgLdxCir3S7HuaR1cPcuC4f2B2hq7jdVEYfkx\nR6XjRvRtAgMBAAECggEAB5r23gO20+LQBvKLW1fNZESh3OY93VZbeRo3ZBMiZFeg\nN9dfhtpV53eIA3deVxeZ8zZ9HaGONgUG40ercPZtl7NzCKUOlmU1+AnLg04DboZg\n8u3IG7EGREBljiejGs89g3tEAFWP16BMdwEAgTPOpcw/xCbxb/m/O5F8ZKwXVQwQ\nKlfxzIUjB3rXrhKXexAgQ+VAM3Ez0oDvoyF3g+a4oq0VHSPwi3EAHQzp21ceHyZA\nnHFb2us6vdwl7gD4G9/88Uoi8x/MH3+RKRQrqCnlSJbV1bGVPf6EGBNXc9Pw0Iym\n0BckaHtCBFnOrTjCOMnHxyPfdS6Vedo6evZjHMDvkQKBgQD0Y2/18auLF/X3q1Wh\n2jHhDZSjC080uwZqyPAot+vlMj6Wvl7tKTsRF6SpPO3nyqz5aMdw5V0WCZWXHrAq\nK6GtrHmzmTBTbvbDNEUEFqqW3JUTavL3uf7N9JsNWx/gORCjHzGoAvJlVBb3GHvS\nRTZzDcnM+5RJVonvYP93Q6zAsQKBgQDncPkb9pm86kqeRUhv1yT+B9satRVXC/ew\nazIwNQhP8UsMcYaM4RrgdUZMlSupUrKyK4NklmP7ivl2BAcGUh5vB393zrdpepns\nBkWVycoMiWgLL3N0XioZG9oT1Jh1hSSVfQ7gtlUZxUiHayu241JDTSbKNi2AkceL\nysFjdeI+fQKBgQDEYJr48Gc979UQXTcERcbK5xTHJzFQV/DCIhEJRzFhDMzKaNLy\nk60JAQypiXJKTcxM5etNRqFUMgNoWZqJaGIUooFw1enFQWc8WGYU8PnHHB0Wa1wt\nv+GGMcXeJ5knnfNGgKxwK14IGlgR2jS1NDSaozvDYW04uTdBiZn+hfztIQKBgAgd\ng/6hBP8E0B0AnOufBaMKr3oeQ2NL/iFngNkD4wi6k0EacfdapVCdjBt/V4qWZcGt\nmOvcAiF93AVxWrW0B3EpOCUBUJkYPXFzPtlju/v4jXdm8ItyCdPbkCgF2lq0knXT\nbsQeYJmIu2RUM7I0AlxtxiBtCedqNS8HqwRLy+UZAoGBANAFLCMR4gw+CZZx4yBL\ny52L4OVodOgAZuRE1ziaRNacJaAFJGW3qh74LFoqNcgkfduZ4QvyMj70AINBzm5J\nb0G/T1obwVOPn7tmBZNDNuIkRXnZZ/2/ym1dpBBvPiYLVawYMJlH2nHZdXhDZZnn\n4uLN79yw0szmUnTUlm1wFRsB\n-----END PRIVATE KEY-----\n", + "privateKeyPassphrase": "test-passphrase", + "useKeyPairAuth": true, + "cloudProvider": "AWS", + "syncFrequency": "30", + "enableSSE": false, + "useRudderStorage": false, + "roleBasedAuth": false, + "prefix": "test-prefix", + "useSTSTokens": false, + "bucketName": "test-bucket", + "accessKeyID": "test-access-key-id", + "accessKey": "test-access-key" + }, + "result": true + }, + { + "config": { + "account": "test-account", + "database": "test-database", + "warehouse": "test-warehouse", + "user": "test-user", + "privateKey": "-----BEGIN ENCRYPTED PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDc8ZNXUnjd7MFh\nIxI/eNDivAgA/s9fpBkX4WqjL6rBY8iZdBChp5dGIePp4IZ8zUBLGPSZdmNqnMyP\n/jDF+AZelv31ZmTqYz3AZ+VrWFK/7ciZqIfQFsRLPIdeKZTx8HiY1Od9hlnqeU0F\nSFDSDEH2XIfhXYunz0PswJHz0W+mqw/IgfAnEvy1pguBHfKPaWMLNMy0luKcx3tg\nI13H4enG4MtMiX6MERFb3CZtmf4pMIyTAyOqFQ/GWEYNpOwtiBIHlpVIiYy8cNyx\nlyhoLtLUv6cCNJj3HonoeiUSyiOVgLdxCir3S7HuaR1cPcuC4f2B2hq7jdVEYfkx\nR6XjRvRtAgMBAAECggEAB5r23gO20+LQBvKLW1fNZESh3OY93VZbeRo3ZBMiZFeg\nN9dfhtpV53eIA3deVxeZ8zZ9HaGONgUG40ercPZtl7NzCKUOlmU1+AnLg04DboZg\n8u3IG7EGREBljiejGs89g3tEAFWP16BMdwEAgTPOpcw/xCbxb/m/O5F8ZKwXVQwQ\nKlfxzIUjB3rXrhKXexAgQ+VAM3Ez0oDvoyF3g+a4oq0VHSPwi3EAHQzp21ceHyZA\nnHFb2us6vdwl7gD4G9/88Uoi8x/MH3+RKRQrqCnlSJbV1bGVPf6EGBNXc9Pw0Iym\n0BckaHtCBFnOrTjCOMnHxyPfdS6Vedo6evZjHMDvkQKBgQD0Y2/18auLF/X3q1Wh\n2jHhDZSjC080uwZqyPAot+vlMj6Wvl7tKTsRF6SpPO3nyqz5aMdw5V0WCZWXHrAq\nK6GtrHmzmTBTbvbDNEUEFqqW3JUTavL3uf7N9JsNWx/gORCjHzGoAvJlVBb3GHvS\nRTZzDcnM+5RJVonvYP93Q6zAsQKBgQDncPkb9pm86kqeRUhv1yT+B9satRVXC/ew\nazIwNQhP8UsMcYaM4RrgdUZMlSupUrKyK4NklmP7ivl2BAcGUh5vB393zrdpepns\nBkWVycoMiWgLL3N0XioZG9oT1Jh1hSSVfQ7gtlUZxUiHayu241JDTSbKNi2AkceL\nysFjdeI+fQKBgQDEYJr48Gc979UQXTcERcbK5xTHJzFQV/DCIhEJRzFhDMzKaNLy\nk60JAQypiXJKTcxM5etNRqFUMgNoWZqJaGIUooFw1enFQWc8WGYU8PnHHB0Wa1wt\nv+GGMcXeJ5knnfNGgKxwK14IGlgR2jS1NDSaozvDYW04uTdBiZn+hfztIQKBgAgd\ng/6hBP8E0B0AnOufBaMKr3oeQ2NL/iFngNkD4wi6k0EacfdapVCdjBt/V4qWZcGt\nmOvcAiF93AVxWrW0B3EpOCUBUJkYPXFzPtlju/v4jXdm8ItyCdPbkCgF2lq0knXT\nbsQeYJmIu2RUM7I0AlxtxiBtCedqNS8HqwRLy+UZAoGBANAFLCMR4gw+CZZx4yBL\ny52L4OVodOgAZuRE1ziaRNacJaAFJGW3qh74LFoqNcgkfduZ4QvyMj70AINBzm5J\nb0G/T1obwVOPn7tmBZNDNuIkRXnZZ/2/ym1dpBBvPiYLVawYMJlH2nHZdXhDZZnn\n4uLN79yw0szmUnTUlm1wFRsB\n-----END ENCRYPTED PRIVATE KEY-----\n", + "privateKeyPassphrase": "test-passphrase", + "useKeyPairAuth": true, + "cloudProvider": "AWS", + "syncFrequency": "30", + "enableSSE": false, + "useRudderStorage": false, + "roleBasedAuth": false, + "prefix": "test-prefix", + "useSTSTokens": false, + "bucketName": "test-bucket", + "accessKeyID": "test-access-key-id", + "accessKey": "test-access-key" + }, + "result": true + }, + { + "config": { + "account": "test-account", + "database": "test-database", + "warehouse": "test-warehouse", + "user": "test-user", + "useKeyPairAuth": false, + "privateKey": "-----BEGIN ENCRYPTED PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDc8ZNXUnjd7MFh\nIxI/eNDivAgA/s9fpBkX4WqjL6rBY8iZdBChp5dGIePp4IZ8zUBLGPSZdmNqnMyP\n/jDF+AZelv31ZmTqYz3AZ+VrWFK/7ciZqIfQFsRLPIdeKZTx8HiY1Od9hlnqeU0F\nSFDSDEH2XIfhXYunz0PswJHz0W+mqw/IgfAnEvy1pguBHfKPaWMLNMy0luKcx3tg\nI13H4enG4MtMiX6MERFb3CZtmf4pMIyTAyOqFQ/GWEYNpOwtiBIHlpVIiYy8cNyx\nlyhoLtLUv6cCNJj3HonoeiUSyiOVgLdxCir3S7HuaR1cPcuC4f2B2hq7jdVEYfkx\nR6XjRvRtAgMBAAECggEAB5r23gO20+LQBvKLW1fNZESh3OY93VZbeRo3ZBMiZFeg\nN9dfhtpV53eIA3deVxeZ8zZ9HaGONgUG40ercPZtl7NzCKUOlmU1+AnLg04DboZg\n8u3IG7EGREBljiejGs89g3tEAFWP16BMdwEAgTPOpcw/xCbxb/m/O5F8ZKwXVQwQ\nKlfxzIUjB3rXrhKXexAgQ+VAM3Ez0oDvoyF3g+a4oq0VHSPwi3EAHQzp21ceHyZA\nnHFb2us6vdwl7gD4G9/88Uoi8x/MH3+RKRQrqCnlSJbV1bGVPf6EGBNXc9Pw0Iym\n0BckaHtCBFnOrTjCOMnHxyPfdS6Vedo6evZjHMDvkQKBgQD0Y2/18auLF/X3q1Wh\n2jHhDZSjC080uwZqyPAot+vlMj6Wvl7tKTsRF6SpPO3nyqz5aMdw5V0WCZWXHrAq\nK6GtrHmzmTBTbvbDNEUEFqqW3JUTavL3uf7N9JsNWx/gORCjHzGoAvJlVBb3GHvS\nRTZzDcnM+5RJVonvYP93Q6zAsQKBgQDncPkb9pm86kqeRUhv1yT+B9satRVXC/ew\nazIwNQhP8UsMcYaM4RrgdUZMlSupUrKyK4NklmP7ivl2BAcGUh5vB393zrdpepns\nBkWVycoMiWgLL3N0XioZG9oT1Jh1hSSVfQ7gtlUZxUiHayu241JDTSbKNi2AkceL\nysFjdeI+fQKBgQDEYJr48Gc979UQXTcERcbK5xTHJzFQV/DCIhEJRzFhDMzKaNLy\nk60JAQypiXJKTcxM5etNRqFUMgNoWZqJaGIUooFw1enFQWc8WGYU8PnHHB0Wa1wt\nv+GGMcXeJ5knnfNGgKxwK14IGlgR2jS1NDSaozvDYW04uTdBiZn+hfztIQKBgAgd\ng/6hBP8E0B0AnOufBaMKr3oeQ2NL/iFngNkD4wi6k0EacfdapVCdjBt/V4qWZcGt\nmOvcAiF93AVxWrW0B3EpOCUBUJkYPXFzPtlju/v4jXdm8ItyCdPbkCgF2lq0knXT\nbsQeYJmIu2RUM7I0AlxtxiBtCedqNS8HqwRLy+UZAoGBANAFLCMR4gw+CZZx4yBL\ny52L4OVodOgAZuRE1ziaRNacJaAFJGW3qh74LFoqNcgkfduZ4QvyMj70AINBzm5J\nb0G/T1obwVOPn7tmBZNDNuIkRXnZZ/2/ym1dpBBvPiYLVawYMJlH2nHZdXhDZZnn\n4uLN79yw0szmUnTUlm1wFRsB\n-----END ENCRYPTED PRIVATE KEY-----\n", + "privateKeyPassphrase": "test-passphrase", + "cloudProvider": "AWS", + "syncFrequency": "30", + "enableSSE": false, + "useRudderStorage": false, + "roleBasedAuth": false, + "prefix": "test-prefix", + "useSTSTokens": false, + "bucketName": "test-bucket", + "accessKeyID": "test-access-key-id", + "accessKey": "test-access-key" + }, + "result": false, + "err": [" must have required property 'password'", " must match \"then\" schema"] + }, + { + "config": { + "account": "test-account", + "database": "test-database", + "warehouse": "test-warehouse", + "user": "test-user", + "password": "test-password", + "useKeyPairAuth": true, + "cloudProvider": "AWS", + "syncFrequency": "30", + "enableSSE": false, + "useRudderStorage": false, + "roleBasedAuth": false, + "prefix": "test-prefix", + "useSTSTokens": false, + "bucketName": "test-bucket", + "accessKeyID": "test-access-key-id", + "accessKey": "test-access-key" + }, + "result": false, + "err": [" must have required property 'privateKey'", " must match \"then\" schema"] + }, { "config": { "account": "test-account",