Add parametrized unit tests for auth types across host profiles#771
Open
hectorcast-db wants to merge 1 commit intomainfrom
Open
Add parametrized unit tests for auth types across host profiles#771hectorcast-db wants to merge 1 commit intomainfrom
hectorcast-db wants to merge 1 commit intomainfrom
Conversation
Tests each auth type resolves correctly on every applicable host profile (LW, NW, LA, NA, SPOGW, SPOGA) across AWS, Azure, and GCP clouds. Covers pat, basic, oauth-m2m, github-oidc, env-oidc, file-oidc, azure-client-secret, and github-oidc-azure (138 subtests total). Java has no HostMetadataResolver seam, so each test mocks GET /.well-known/databricks-config and calls resolve() so that DatabricksConfig.resolveHostMetadata() actually runs and populates discoveryUrl (and accountId/workspaceId for bare-host profiles) from the mocked metadata response — the production path Go's resolver injection shortcuts. A dedicated hostMetadataResolutionPopulatesDiscoveryUrl test asserts that derivation explicitly. Mirrors databricks/databricks-sdk-go#1627. NO_CHANGELOG=false Co-authored-by: Isaac
hectorcast-db
temporarily deployed
to
test-trigger-is
GitHub Actions
Inactive
Contributor
|
If integration tests don't run automatically, an authorized user can run them manually by following the instructions below: Trigger: Inputs:
Checks will be approved automatically on success. |
hectorcast-db
temporarily deployed
to
test-trigger-is
GitHub Actions
Inactive
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
AuthProfilesTest.javawith 138 parametrized subtests covering 8 auth types across 6 host profiles (LW, NW, LA, NA, SPOGW, SPOGA) on AWS, Azure, and GCP.HostMetadataResolverseam, so each test mocksGET /.well-known/databricks-configand callsresolve()so thatDatabricksConfig.resolveHostMetadata()actually runs and populatesdiscoveryUrl(andaccountId/workspaceIdfor bare-host profiles) from the mocked metadata — the production path Go's resolver injection shortcuts.hostMetadataResolutionPopulatesDiscoveryUrlsubtest that asserts the derivation explicitly, so a regression where metadata resolution silently no-ops cannot be masked.Profiles tested
account_id+workspace_idaccount_id+workspace_idaccount_idAuth types covered
pat, basic, oauth-m2m, github-oidc, env-oidc, file-oidc, azure-client-secret, github-oidc-azure
Not covered (with rationale)
databricks-cli,azure-cli: invoke external processes viaProcessBuilder; mocking requiresMockedConstruction+ spy per-profile. Covered at the unit level byDatabricksCliCredentialsProviderTest/AzureCliCredentialsProviderTest/CliTokenSourceTest.azure-devops-oidc:AzureDevOpsIDTokenSourcereadsSYSTEM_*variables viaSystem.getenv()at construction time (not viaconfig.getEnv()); overriding those in-process requires JUnit Pioneer or reflection, neither of which is in the project's dep set.metadata-service: no equivalent auth type in the Java SDK.AzureMsiCredentialsProviderhits the Azure IMDS endpoint, not a Databricks-hosted metadata service.google-credentials,google-id: delegate to Google SDK functions that parse real crypto keys with no seam for HTTP injection (matches Go SDK's exclusion).Test plan
mvn test -Dtest=AuthProfilesTest)com.databricks.sdk.core.*tests unaffected (908 pass)This pull request was AI-assisted by Isaac.