Skip to main content

Snowflake Stabilization Matrix

Purpose

This spec defines the release gate for stabilizing the contractforge-snowflake adapter. It is not a roadmap of possible Snowflake features. It is the checklist that decides whether the Snowflake adapter can be called stable for the supported surface.

The target is snowflake_sql_warehouse:

  • Snowflake SQL warehouse runtime;
  • Snowflake native tables;
  • Snowflake database/schema cataloging;
  • optional governance via tags, comments, row access policies and masking policies;
  • ContractForge evidence tables persisted as Snowflake control tables.

The adapter must preserve core semantics. If a Snowflake runtime cannot preserve a contract behavior, the planner or renderer must return REVIEW_REQUIRED, SUPPORTED_WITH_WARNINGS or UNSUPPORTED. It must not silently downgrade the contract.

Stabilization Scope

The stable candidate scope is intentionally smaller than the full Snowflake thesis.

AreaStable candidate scopeOut of scope for stable candidate
Sourcestable, view, sql, staged_files with CSV, JSON and Parquet named file formatsautoloader, kafka, copy_into, Snowpipe, Streams, external stages
Write modesappend, overwrite, upsert, hash_diff_upserthistorical equivalence, snapshot soft delete
Qualityabort, warn, row-level quarantine, not_null, required_columns, accepted_values, min_rows, unique_key, max_null_ratio, row-level expressionsData Metric Functions integration
PreparationSQL-compatible casts, derives, standardization, filters, deterministic deduplicateComplex nested shapes, array explosions, unsafe bronze operations
Schema policyadditive only, strict, permissive via INFORMATION_SCHEMA.COLUMNSAutomatic column evolution policies
Evidenceruns, errors, quality, quarantine, schema changes, state, annotations, access, operations, lineage, explain, costAlternate evidence stores
GovernanceTable/column comments, tag SQL with validate-only mode, row access policy SQL, masking policy SQL, destructive revoke gatingAutomatic consumer-engine guarantees for row filters and column masks
DeploymentDry-run validation, publish-to-stage, hosted procedure execution, task graph rendering, project run/cleanupLive task graph execution (blocked by task grants)
CostQuery history reconciliation, query attribution signals, pending/latency handlingReal-time cost dashboards
LineageImmediate lineage and explain evidence, delayed ACCESS_HISTORY reconciliationReal-time lineage streaming

Required Test Projects

The Snowflake adapter cannot be stabilized from renderer tests alone. These scenarios run through contractforge-snowflake commands against a real Snowflake account.

ProjectSourceMain purposeRequired result
smokeGenerated test sourcesAppend, overwrite, quarantine, upsert, hash-diff full lifecycleFive contracts complete successfully with matching control evidence
smoke-failure-pathsControlled bad contractsError evidence, failed-run evidence, redaction, missing source, quality abort, strict schemaFailures produce redacted evidence without exposing secrets
smoke-stage-publishInternal stageStage publish, artifact reload, staged contract executionPublished bundle loads and runs from @stage
smoke-procedureInternal stage + procedureProcedure deployment, staged ZIP imports, procedure callProcedure deploys and runs one contract
smoke-task-graphProcedure + tasksTask graph deployment, root task execution, task history pollingTasks deploy and execute through runner procedure

Hash-diff scenarios must declare merge_keys and a hash strategy. The Snowflake adapter validates null and duplicate merge keys before executing the write. Hash computation uses Snowflake's HASH function over non-merge, non-excluded columns.

Release Gates

GateRequirementStatus values
G0 local suiteUnit and render tests passPASS, FAIL
G1 render compileSmoke contracts render valid Snowflake SQL without syntax errorsPASS, FAIL
G2 publish flowArtifacts publish to Snowflake internal stage and reload correctlyPASS, FAIL
G3 success runtimeSmoke contracts execute successfully through connector-backed runnerPASS, FAIL
G4 failure runtimeFailure matrix writes redacted error and failed-run evidencePASS, FAIL
G5 control auditEvidence tables match expected counts and statuses after smoke runsPASS, FAIL
G6 lineageImmediate lineage and explain evidence is written; ACCESS_HISTORY reconciliation handles pending/latencyPASS, FAIL
G7 costQuery history reconciliation probes structured query tags and records cost signalsPASS, FAIL
G8 governanceComments apply correctly; tag validate-only evidence matches expected grantsPASS, FAIL
G9 procedureSnowpark procedure deploys and executes with staged ZIP library importsPASS, BLOCKED
G10 task graphTasks deploy and execute through runner procedurePASS, FAIL
G11 paritySnowflake/Databricks/AWS contract differences are documented and minimalPASS, REVIEW_REQUIRED, FAIL
G12 docsSnowflake user docs, specs and site reflect tested behaviorPASS, FAIL
G13 lifecycleSmoke test objects have a documented, non-destructive cleanup planPASS, FAIL

The adapter is not stable until all non-blocked gates are PASS except explicitly accepted REVIEW_REQUIRED parity items. Blocked gates require a documented unblock plan.

Stabilization Tracker

ItemCurrent statusNotes
Local Snowflake adapter unit testsPASSFocused Snowflake suite: 175 passed. Full suite: 1421 passed, 2 known AWS failures not related to Snowflake.
Smoke contract render compilePASSMinimal smoke dry-run validated all contracts render SQL without syntax errors.
Stage publish smokePASSsmoke-stage-publish created temporary internal stage, published library-runner bundle, reloaded artifacts from @stage and ran staged contract.
Minimal success runtimePASSAll five contracts (append, overwrite, quarantine, upsert, hash-diff) completed successfully through connector-backed runner with evidence.
Failure-path runtimePASSMissing source, quality abort and strict schema failures produced redacted error evidence without exposing connection secrets.
Control-table auditPASSSmoke verification confirmed run, error, quality, quarantine, schema change, state, annotation, access, operations, lineage, explain and cost evidence rows.
Lineage evidencePASSImmediate lineage wrote 5 rows to ctrl_ingestion_lineage. EXPLAIN USING TEXT wrote 5 rows to ctrl_ingestion_explain. ACCESS_HISTORY reconciliation returned PENDING with 0 rows, matching Account Usage latency.
Cost reconciliationPASSQuery history reconciliation probed structured QUERY_TAG run ids and returned PENDING for delayed Account Usage. Runtime query tags store parseable JSON with unquoted target names.
Governance comments and tagsPASSTable/column comments applied; tag validate-only evidence recorded with correct grants.
Schema policyPASSINFORMATION_SCHEMA.COLUMNS inspection with connector metadata fallback; additive column smoke and strict failure smoke passed.
Quality runtimePASSPass, quarantine and abort scenarios all produced correct evidence and propagated quality_status into run records.
State idempotency and locksPASSWatermark candidate calculation, previous watermark filtering, idempotent replay skip, lock acquire and release tested.
Procedure deploymentPASSHosted Snowpark procedure deployed with staged ZIP imports for the core/adapter libraries, called the stable runner, and live smoke wrote 2 rows.
Task graph deploymentPASSLive smoke deployed the graph, executed the root task, waited for root/dependent task success and cleaned up smoke artifacts.
Staged file source parityPASSCSV positional projections, JSON payload/typed projections and Parquet typed projections with named file formats validated. Unsafe paths and column expressions rejected.
Preparation registryPASSMetadata projection, filters, casts, derives, standardization and deterministic deduplicate validated with live smoke.
Write mode registryPASSAppend, overwrite, upsert and hash-diff split into independent registry modules with prewrite merge-key validation.
Cleanup lifecyclePASSsmoke --execute --execute-cleanup removes all CF_SMOKE_* objects. cleanup-plan produces non-destructive DROP IF EXISTS SQL.
Docs/site updatePASSSnowflake adapter operations guide, parity execution plan, capability parity spec and stabilization matrix are published.

Blocked Gates Unblock Plan

The Snowflake access-policy smoke is blocked by the account feature response Unsupported feature 'ROW ACCESS POLICY'. That policy-enforcement claim is explicitly excluded from stable-final for accounts where the native policy features are unavailable. Continuous ingestion is also excluded from stable-final until a separate runtime/evidence mapping is implemented. Historical/snapshot semantics are excluded from stable-final until parity evidence exists.

Machine-Readable Status

contractforge-snowflake stabilization-report

For the current release, the intended classification is STABLE_SUPPORTED_SURFACE with supported_surface_ready: true and stable_final: true. Continuous ingestion, account-feature-dependent policy enforcement and historical/snapshot soft delete are excluded from stable-final, and the reference hash-diff benchmark is validated.