Github Actions with Snowflake Private Key Pair not working

General Discussion
1

I’m having trouble trying to use Liquibase Actions in Github with a Key Pair and nothing I try for connection string or other settings appears to work correctly.

our Action settings look like the following (generic references added in place of actual names)

  - name: Deploy Objects
    uses: docker://liquibase/liquibase:4.30
    with:
      args: --url=jdbc:snowflake://<account>.snowflakecomputing.com/?private_key=${{secrets.CI_PK}}&private_key_pwd=${{secrets.CI_PK_PASS}}&db=<DATABASE>&schema=<SCHEMA>&role=<ROLE>&warehouse=<WH> --changeLogFile=/databases/<PATH>/liquibase.changelog.xml --username=${{secrets.CI_USERNAME}} --liquibase-schema-name=LIQUIBASE --default-schema-name=<SCHEMA> --log-level=INFO update

the error we get is:
Private key provided is invalid or not supported:

If I update the key file path to be a BAD path I get the same error, so I have a suspicion that I’m not getting the key file path right, but when I run commands that show the execution path, it should be correct…

Anyone have some input or help?

I read a post that suggests that trying to use an OAUTH token might be a better option. Thoughts?

I need our service accounts to be able to connect without having to interact with any popup windows.

2

Have you taken a look at this docs page, especially the information about privateKey?

3

Yes, we can connect using several different methods with Key Pair sets including a direct JDBC connection, JDBC connections through tools like Boomi. We can even connect with Python. Most any other Key Pair process we use works, but when we try to connect with Liquibase over Github Actions nothing we try appears to work.

My current suspicion is that I’m not doing something write with the key file path, but I can’t figure it out… and I might still be incorrect even with that.