Closed mgyucht closed 1 month ago
This PR breaks backwards compatibility for databrickslabs/blueprint downstream. See build logs for more details.
Running from downstreams #123
Attention: Patch coverage is 97.91667%
with 1 lines
in your changes are missing coverage. Please review.
Project coverage is 57.66%. Comparing base (
fabe7c4
) to head (6422cb5
).
Files | Patch % | Lines |
---|---|---|
databricks/sdk/core.py | 66.66% | 1 Missing :warning: |
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Changes
This PR ports https://github.com/databricks/databricks-sdk-go/pull/924 to the Python SDK.
When a user tries to access a Private Link-enabled workspace configured with no public internet access from a different network than the VPC endpoint belongs to, the Private Link backend redirects the user to the login page, rather than outright rejecting the request. The login page, however, is not a JSON document and cannot be parsed by the SDK, resulting in this error message:
To address this, I add one additional check in the error mapper logic to inspect whether the user was redirected to the login page with the private link validation error response code. If so, we return a custom error,
PrivateLinkValidationError
, with error codePRIVATE_LINK_VALIDATION_ERROR
that inherits from PermissionDenied and has a mock 403 status code.After this change, users will see an error message like this:
The error message is tuned to the specific cloud so that we can redirect users to the appropriate documentation, the cloud being inferred from the request URI.
Tests
Unit tests cover the private link error message mapping. To manually test this, I created a private link workspace in Azure, created an access token, restricted access to the workspace, then ran the
last_job_runs.py
example using the host & token:make test
run locallymake fmt
applied