feat(kernel): close deferred feature rows — OAuth M2M/U2M, metric-view, initial namespace#396
Open
mani-mathur-arch wants to merge 1 commit into
Open
Conversation
…initial namespace Close the four DAIS-scope rows the SEA-via-kernel backend previously rejected at connect time. All are Go-side only (no new kernel dependency): the OAuth setters are on merged kernel #162, metric-view is an existing session conf, and the namespace uses plain SQL. - Metric view: config.EffectiveSessionParams() derives the server conf (spark.sql.thriftserver.metadata.metricview.enabled) once, backend-neutrally, so both backends send the identical conf. The Thrift OpenSession special-case is removed (behaviour-preserving); the kernel forwards it via SessionConf. Reject dropped; reclassified forwarded. - Initial namespace: applied post-connect via USE CATALOG / USE SCHEMA (the OSS ODBC workaround) since the kernel C ABI has no catalog/schema setter. quoteIdent (untagged) backtick-quotes identifiers; a USE failure fails connect and closes the session. Reject dropped; reclassified forwarded. - OAuth M2M/U2M: the kernel drives its own OAuth flow from raw credentials (mirroring pyo3/napi and the Node/Python kernel bindings), read off cfg.Authenticator — the single source of truth (last-writer-wins, matching Thrift). The m2m/u2m authenticators expose auth.M2MCredentialsProvider / auth.U2MCredentialsProvider; resolveKernelAuth type-switches them and returns a *kernelAuth descriptor. KernelBackend.setAuth branches to set_auth_pat / set_auth_m2m / set_auth_u2m; U2M uses Go's cloud-inferred client id (kernel defaults for scopes/port). No new config fields. Verified: default CGO_ENABLED=0 suite + golangci-lint v2.12.2 clean; tagged databricks_kernel unit tests (auth-mode -> setter mapping, quoteIdent); live staging e2e for initial namespace (current_catalog/current_schema) and metric-view (session opens + queries; the conf is not SET-introspectable on either backend). M2M/U2M covered by unit tests (no staging service principal; U2M is interactive). Co-authored-by: Isaac
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Closes the four DAIS-scope rows the SEA-via-kernel backend previously rejected at connect time. All are Go-side only — no new kernel dependency: the OAuth setters are on merged kernel #162, metric-view is an existing server session conf, and the initial namespace uses plain SQL.
config.EffectiveSessionParams()derives the server conf (spark.sql.thriftserver.metadata.metricview.enabled) once, backend-neutrally, so both backends send the identical conf. The ThriftOpenSessionspecial-case is removed (behaviour-preserving); the kernel forwards it viaSessionConf. Reject dropped, reclassified forwarded.USE CATALOG/USE SCHEMA(the OSS ODBC workaround) since the kernel C ABI has no catalog/schema setter.quoteIdent(untagged) backtick-quotes identifiers; aUSEfailure fails connect and closes the session. Reject dropped, reclassified forwarded.cfg.Authenticator— the single source of truth (last-writer-wins, matching Thrift). The m2m/u2m authenticators exposeauth.M2MCredentialsProvider/auth.U2MCredentialsProvider;resolveKernelAuthtype-switches them into a*kernelAuthdescriptor, andKernelBackend.setAuthbranches toset_auth_pat/set_auth_m2m/set_auth_u2m. U2M uses Go's cloud-inferred client id (kernel defaults for scopes/port). No newconfig.UserConfigfields.Stacked on #395 (
mani/sea-kernel-build-recipe); additive only, so #393 and #395 are untouched.Testing
CGO_ENABLED=0suite +golangci-lintv2.12.2 — clean repo-wide.databricks_kernelunit tests — auth-mode → C-setter mapping (PAT/M2M/U2M),quoteIdent, config assembly.current_catalog()/current_schema()match config) and metric-view (session opens + queries; the conf is notSET-introspectable on either backend, so the assertion is connect+query parity, not a read-back).M2M then PAT → PAT.This pull request and its description were written by Isaac.