Skip to content
Test AWS Compliance Premium Policies: Snowflake

chore: Auto add checks to readme #62

Sign in to view logs

chore: Auto add checks to readme

chore: Auto add checks to readme #62

Workflow file for this run

.github/workflows/transformations_aws_compliance_premium_snowflake.yml at a952781
name: "Test AWS Compliance Premium Policies: Snowflake"
on:
pull_request:
paths:
- "transformations/aws/compliance-premium/**"
- ".github/workflows/transformations_aws_compliance_premium_snowflake.yml"
- "transformations/aws/macros/**"
- "transformations/aws/models/**"
- "transformations/macros/**"
push:
branches:
- main
paths:
- "transformations/aws/compliance-premium/**"
- ".github/workflows/transformations_aws_compliance_premium_snowflake.yml"
- "transformations/aws/macros/**"
- "transformations/aws/models/**"
- "transformations/macros/**"
jobs:
transformations-aws-compliance-premium:
name: transformations/aws/compliance-premium
timeout-minutes: 30
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./transformations/aws/compliance-premium
steps:
- name: Checkout
uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: "3.9"
cache: "pip"
cache-dependency-path: "./transformations/aws/compliance-premium/requirements.txt"
- name: Install dependencies
run: pip install -r requirements.txt
- name: Setup CloudQuery
uses: cloudquery/setup-cloudquery@v3
with:
version: v4.0.0
# Test unpacked version
- name: Migrate DB
run: cloudquery migrate tests/snowflake.yml
env:
SNOWFLAKE_CONNECTION_STRING: "${{ secrets.SNOW_USER }}:${{ secrets.SNOW_PASSWORD }}@${{ secrets.SNOW_ACCOUNT }}.${{ secrets.SNOW_REGION }}/${{ secrets.SNOW_DATABASE }}/${{ secrets.SNOW_SCHEMA }}?warehouse=${{ secrets.SNOW_WAREHOUSE }}"
- name: Run Policies
run: |
dbt run --target dev-snowflake --profiles-dir ./tests --select --select aws_compliance__security_group_ingress_rules, aws_compliance__api_gateway_method_settingse_selected_only, aws_compliance__foundational_security
env:
SNOW_USER: ${{ secrets.SNOW_USER }}
SNOW_PASSWORD: ${{ secrets.SNOW_PASSWORD }}
# DBT assumes the account is in the form of <account>.<region>
SNOW_ACCOUNT: "${{ secrets.SNOW_ACCOUNT }}.${{ secrets.SNOW_REGION }}"
SNOW_WAREHOUSE: ${{ secrets.SNOW_WAREHOUSE }}
SNOW_DATABASE: ${{ secrets.SNOW_DATABASE }}
SNOW_SCHEMA: ${{ secrets.SNOW_SCHEMA }}
SNOW_REGION: ${{ secrets.SNOW_REGION }}