Attempt to use workload auth token instead of password

Author: littleK0i

.github/workflows/getting_started.yml

@@ -29,10 +29,15 @@ jobs:
     runs-on: ${{ matrix.os }}
     timeout-minutes: 20
 
+    permissions:
+      id-token: write
+      contents: read
+
     env:
       SNOWFLAKE_ACCOUNT: ${{ secrets.SNOWFLAKE_ACCOUNT }}
       SNOWFLAKE_USER: snowddl
-      SNOWFLAKE_PASSWORD: ${{ secrets.SNOWFLAKE_PASSWORD }}
+      SNOWFLAKE_AUTHENTICATOR: workload_identity
+      SNOWFLAKE_WORKLOAD_IDENTITY_PROVIDER: OIDC
       SNOWFLAKE_ENV_PREFIX: ${{ matrix.env-prefix }}
 
     steps:
@@ -47,9 +52,15 @@ jobs:
         with:
           python-version: ${{ matrix.python-version }}
 
-      - name: Install
+      - name: Install SnowDDL
         run: pip install -e .
 
+      - name: Install Snowflake CLI
+        run: pip install snowflake-cli
+
+      - name: Get Workload Identity Token
+        run: echo "SNOWFLAKE_WORKLOAD_IDENTITY_TOKEN=$(snow auth oidc read-token --type=github)" >> "$GITHUB_ENV"
+
       - name: "Cleanup"
         run: snowddl -c sample01_01 --apply-unsafe destroy