junyoneyama commented on code in PR #34156:
URL: https://github.com/apache/superset/pull/34156#discussion_r2209850518
##########
superset/db_engine_specs/snowflake.py:
##########
@@ -394,9 +394,11 @@ def update_params_from_encrypted_extra(
else:
with open(auth_params["privatekey_path"], "rb") as key_temp:
key = key_temp.read()
+ privatekey_pass = auth_params.get("privatekey_pass", None)
+ password = privatekey_pass.encode() if privatekey_pass is not None
else None
Review Comment:
Here `password` is not sent to Snowflake but used to decrypt the private key
if it is encrypted. `connect_args["private_key"]` is still necessary even when
the private key is unencrypted.
See also: "Generate the private key" section in [Key-pair authentication and
key-pair rotation | Snowflake
Documentation](https://docs.snowflake.com/en/user-guide/key-pair-auth#generate-the-private-key)
> You can generate either an encrypted version of the private key or an
unencrypted version of the private key.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
