Update conftest helper and SQL for creating test user, switching from password to private key

Author: littleK0i

test/_sql/account_setup.sql

@@ -1,10 +1,11 @@
 -- SQL script to set up a new Snowflake account for tests and GitHub workflows
--- Replace <password> placeholder statement with an actual password of your choice
+-- Replace <public_key> placeholder statement with an actual public key
+-- https://docs.snowflake.com/en/user-guide/key-pair-auth#configuring-key-pair-authentication
 
 -- Replace <aws_role_arn> with ARN of AWS role
 -- https://docs.snowflake.com/en/user-guide/data-load-s3-config-storage-integration
 
-SET PASSWORD = '<password>';
+SET RSA_PUBLIC_KEY = '<public_key>';
 SET STORAGE_AWS_ROLE_ARN = '<storage_aws_role_arn>';
 
 ---
@@ -32,7 +33,8 @@ CREATE ROLE SNOWDDL_ADMIN_TEST;
 GRANT ROLE ACCOUNTADMIN TO ROLE SNOWDDL_ADMIN_TEST;
 
 CREATE USER SNOWDDL_TEST
-PASSWORD = $PASSWORD
+TYPE = SERVICE
+RSA_PUBLIC_KEY = $RSA_PUBLIC_KEY
 DEFAULT_ROLE = SNOWDDL_ADMIN_TEST;
 
 GRANT ROLE SNOWDDL_ADMIN_TEST TO USER SNOWDDL_TEST;

test/conftest.py

@@ -1,3 +1,4 @@
+from cryptography.hazmat.primitives import serialization
 from json import loads
 from itertools import groupby
 from os import environ
@@ -538,10 +539,17 @@ def __exit__(self, exc_type, exc_val, exc_tb):
         self.connection.close()
 
     def _init_connection(self):
+        key_bytes = str(environ["SNOWFLAKE_PRIVATE_KEY"]).encode("utf-8")
+        pk = serialization.load_pem_private_key(data=key_bytes, password=None)
+
         options = {
             "account": environ.get("SNOWFLAKE_ACCOUNT"),
             "user": environ.get("SNOWFLAKE_USER"),
-            "password": environ.get("SNOWFLAKE_PASSWORD"),
+            "private_key": pk.private_bytes(
+                encoding=serialization.Encoding.DER,
+                format=serialization.PrivateFormat.PKCS8,
+                encryption_algorithm=serialization.NoEncryption(),
+            )
         }
 
         return connect(**options)