feat: add license resource type for Snowflake edition data#129
feat: add license resource type for Snowflake edition data#129c1-dev-bot[bot] wants to merge 1 commit into
Conversation
Query Snowflake organization accounts via SHOW ORGANIZATION ACCOUNTS to expose edition information (Standard, Enterprise, Business Critical) as a license resource with TRAIT_LICENSE_PROFILE. User count from ACCOUNT_USAGE.USERS is reported as consumed seats. Gracefully skips license sync when ORGADMIN role is unavailable.
| func (c *Client) ListOrganizationAccounts(ctx context.Context) ([]OrganizationAccount, int, error) { | ||
| queries := []string{"SHOW ORGANIZATION ACCOUNTS;"} | ||
|
|
||
| req, err := c.PostStatementRequest(ctx, queries) |
There was a problem hiding this comment.
🟡 Suggestion: SHOW ORGANIZATION ACCOUNTS requires the ORGADMIN role, but PostStatementRequest does not set the X-Snowflake-Role header, so the query runs with the JWT's default role. Unless ORGADMIN is the operator's default role, this will return 422 and the license sync will be silently skipped even for accounts that have ORGADMIN. Consider setting uhttp.WithHeader(RoleHeaderKey, "ORGADMIN") here (mirroring how user_rest.go sets RoleHeaderKey for USERADMIN). The same applies to CountUsers, which queries ACCOUNT_USAGE. (medium confidence)
| rs.WithLicenseName(licenseName), | ||
| } | ||
| if userCount > 0 { | ||
| traitOpts = append(traitOpts, rs.WithLicenseSeats(0, userCount)) |
There was a problem hiding this comment.
🟡 Suggestion: CountUsers queries SNOWFLAKE.ACCOUNT_USAGE.USERS, which is scoped to the single account the connector authenticates to, but this loop applies that same userCount as consumed seats to every organization account. In a multi-account org, non-current accounts will report an incorrect seat count. Consider only attaching seat data to the current account's license, or sourcing a per-account count. (medium confidence)
Connector PR Review: feat: add license resource type for Snowflake edition dataBlocking Issues: 0 | Suggestions: 3 | Threads Resolved: 0 Review SummaryScanned the full PR diff for security and correctness. The change adds a new Security IssuesNone found. Correctness IssuesNone found. Suggestions
Prompt for AI agents |
Summary
Adds a
licenseresource type to the Snowflake connector that exposes account edition information as a license resource withTRAIT_LICENSE_PROFILE.SHOW ORGANIZATION ACCOUNTSto retrieve edition data (Standard, Enterprise, Business Critical)SNOWFLAKE.ACCOUNT_USAGE.USERSas consumed seatsOptInRequiredannotation so it must be explicitly enabledbaton-github's license implementationFixes: CXH-1935
Test plan
go build ./...)go test ./...)TRAIT_LICENSE_PROFILEannotationsAutomated PR Notice
This PR was automatically created by c1-dev-bot as a potential implementation.
This code requires: