Support GCP Auth #444
Merged
Support GCP Auth #444
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
edwardfeng-db
force-pushed
the
edwardfeng-db/gcp-auth
branch
from
2473e67 to
112b27d
Compare
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## main #444 +/- ##
==========================================
- Coverage 51.67% 51.62% -0.06%
==========================================
Files 38 38
Lines 22277 22318 +41
==========================================
+ Hits 11512 11521 +9
- Misses 10765 10797 +32 ☔ View full report in Codecov by Sentry. |
edwardfeng-db
force-pushed
the
edwardfeng-db/gcp-auth
branch
from
80e42ba to
d2e05b0
Compare
mgyucht
reviewed
Nov 21, 2023
| @@ -265,6 +273,70 @@ def refreshed_headers() -> Dict[str, str]: | |||
| return refreshed_headers | |||
|
|
|||
|
|
|||
| @credentials_provider('google-credentials', ['host', 'google_credentials']) | |||
There was a problem hiding this comment.
I guess this is the same as with the Go library. But in theory, google_credentials does not even need to be specified, because there is also a default directory that the google-auth library looks in, if I'm not mistaken. We might be able to remove this and allow users to auto-login with their google credentials set up via the default app credentials pathway.
There was a problem hiding this comment.
Yeah I thought so as well at the beginning but after checking more I think we do need to point it to the service account json file, which is different from the default auth json file as the service account one contains more info about the keys and secrets for signing the jwt etc. So it seems like we need this to make it work
edwardfeng-db
force-pushed
the
edwardfeng-db/gcp-auth
branch
from
58c0159 to
e404051
Compare
mgyucht
approved these changes
Nov 21, 2023
3 tasks
Merged
mgyucht
added a commit
that referenced
this pull request
Nov 29, 2023
Major changes: * GCP Auth is now supported in the Python SDK. To use Google credentials-based authentication, specify your Default Application Credentials in the `GOOGLE_CREDENTIALS` environment variable or corresponding `google_credentials` parameter in `Config` or the client constructors. You may provide either the path to the file containing your credentials or the credentials themselves serialized as JSON. To use Google impersonation, specify the service principal to impersonate in the `DATABRICKS_GOOGLE_SERVICE_ACCOUNT` environment variable or the corresponding `google_service_account` parameter in `Config` or the client constructors. See [#444](#444) for the changes. Bug fixes: * Fix flask app example ([#445](#445)). * Fix deserialization of repeated enums ([#450](#450), [#452](#452)). * Capture stdout and stderr separately when calling Azure CLI ([#460](#460)). Other changes: * Change the name of retries logger to `databricks.sdk.retries` ([#453](#453)). API Changes: * Added `pipeline_id` field for `databricks.sdk.service.catalog.TableInfo`. * Added `enable_predictive_optimization` field for `databricks.sdk.service.catalog.UpdateCatalog` and `databricks.sdk.service.catalog.UpdateSchema`. * Removed `databricks.sdk.service.catalog.UpdatePredictiveOptimization` and `databricks.sdk.service.catalog.UpdatePredictiveOptimizationResponse` dataclasses. * Removed `enable_optimization()` method for [w.metastores](https://databricks-sdk-py.readthedocs.io/en/latest/workspace/metastores.html) workspace-level service. * Added `description` field for `databricks.sdk.service.jobs.CreateJob` and `databricks.sdk.service.jobs.JobSettings`. * Added `list_network_connectivity_configurations()` and `list_private_endpoint_rules()` methods for [a.network_connectivity](https://databricks-sdk-py.readthedocs.io/en/latest/account/network_connectivity.html) account-level service. * Added `databricks.sdk.service.settings.ListNccAzurePrivateEndpointRulesResponse`, `databricks.sdk.service.settings.ListNetworkConnectivityConfigurationsRequest`, `databricks.sdk.service.settings.ListNetworkConnectivityConfigurationsResponse`, and `databricks.sdk.service.settings.ListPrivateEndpointRulesRequest` dataclasses. Internal changes: * Make ucws tests skipped when DATABRICKS_ACCOUNT_ID is present ([#448](#448)). OpenAPI SHA: 22f09783eb8a84d52026f856be3b2068f9498db3, Date: 2023-11-23 Dependency updates: * Bump API spec for Python SDK ([#454](#454)).
pietern
reviewed
Nov 29, 2023
| google_service_account=input('Google Service Account: ')) | ||
|
|
||
| ``` | ||
|
|
There was a problem hiding this comment.
@edwardfeng-db Could you take a second pass at this doc? The field names mentioned are the Go SDK field names, not the Python SDK field names (PascalCase vs snake_case).
There was a problem hiding this comment.
Yeah I see, sorry about this, let me update that. Some copy pasta issues
github-merge-queue bot
pushed a commit
that referenced
this pull request
Nov 29, 2023
Major changes: * GCP Auth is now supported in the Python SDK. To use Google credentials-based authentication, specify your Default Application Credentials in the `GOOGLE_CREDENTIALS` environment variable or corresponding `google_credentials` parameter in `Config` or the client constructors. You may provide either the path to the file containing your credentials or the credentials themselves serialized as JSON. To use Google impersonation, specify the service principal to impersonate in the `DATABRICKS_GOOGLE_SERVICE_ACCOUNT` environment variable or the corresponding `google_service_account` parameter in `Config` or the client constructors. See [#444](#444) for the changes. Bug fixes: * Fix flask app example ([#445](#445)). * Fix deserialization of repeated enums ([#450](#450), [#452](#452)). * Capture stdout and stderr separately when calling Azure CLI ([#460](#460)). Other changes: * Change the name of retries logger to `databricks.sdk.retries` ([#453](#453)). API Changes: * Added `pipeline_id` field for `databricks.sdk.service.catalog.TableInfo`. * Added `enable_predictive_optimization` field for `databricks.sdk.service.catalog.UpdateCatalog` and `databricks.sdk.service.catalog.UpdateSchema`. * Removed `databricks.sdk.service.catalog.UpdatePredictiveOptimization` and `databricks.sdk.service.catalog.UpdatePredictiveOptimizationResponse` dataclasses. * Removed `enable_optimization()` method for [w.metastores](https://databricks-sdk-py.readthedocs.io/en/latest/workspace/metastores.html) workspace-level service. * Added `description` field for `databricks.sdk.service.jobs.CreateJob` and `databricks.sdk.service.jobs.JobSettings`. * Added `list_network_connectivity_configurations()` and `list_private_endpoint_rules()` methods for [a.network_connectivity](https://databricks-sdk-py.readthedocs.io/en/latest/account/network_connectivity.html) account-level service. * Added `databricks.sdk.service.settings.ListNccAzurePrivateEndpointRulesResponse`, `databricks.sdk.service.settings.ListNetworkConnectivityConfigurationsRequest`, `databricks.sdk.service.settings.ListNetworkConnectivityConfigurationsResponse`, and `databricks.sdk.service.settings.ListPrivateEndpointRulesRequest` dataclasses. Internal changes: * Make ucws tests skipped when DATABRICKS_ACCOUNT_ID is present ([#448](#448)). OpenAPI SHA: 22f09783eb8a84d52026f856be3b2068f9498db3, Date: 2023-11-23 Dependency updates: * Introduced "google-auth" dependency to support Google authentication.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes
Tests
make testrun locallymake fmtapplied