fix(test): allow write access to config file in Docker tests

[devin-ai-integration]

Summary

Fixes PermissionError: [Errno 13] Permission denied: '/secrets/config.json' that occurs when testing connectors with config migration (e.g., OAuth token refresh).

The CDK's _migrate_and_transform_config method needs to write back to the config file to persist changes like refreshed OAuth tokens. The test framework was previously mounting config files as read-only, causing these connectors to fail during Docker-based tests.

Changes:

• scenario.py: Changed temp config file permissions from 0o444 (read-only) to 0o666 (read-write)
• docker_base.py: Added explicit :rw flag to Docker volume mounts for config files in check, discover, and read test commands

Review & Testing Checklist for Human

• Verify that giving write access to config files in tests doesn't introduce security concerns for the test environment
• Run the source-gong connector tests to confirm this fix resolves the CI failure (the original failing test was test_docker_image_build_and_check)
• Consider if any existing connectors might behave unexpectedly with write access to their config during tests

Recommended test plan: Re-run the source-gong PR CI (airbytehq/airbyte#71356) after this CDK change is released to verify the test_docker_image_build_and_check test passes.

Notes

This PR was created to unblock airbytehq/airbyte#71356 (source-gong OAuth support), which uses the refresh_token_updater configuration that triggers config migration.

Requested by: aldo.gonzalez@airbyte.io

Link to Devin run: https://app.devin.ai/sessions/bac4e6c3e7684fd1802811a5c8c186a1

[devin-ai-integration]

Original prompt from aldo.gonzalez@airbyte.io

Received message in Slack channel #ask-devin-ai:

@Devin this issue seems acccurate to me to omplement Oauth for airbyte connector <https://github.com/airbytehq/airbyte-internal-issues/issues/15647> does it look accurate for you? please double check and challenge if needed
Thread URL: https://airbytehq-team.slack.com/archives/C08BHPUMEPJ/p1768338850454729

#15647 Update Gong RC to support Oauth

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[github-actions]

👋 Greetings, Airbyte Team Member!

Here are some helpful tips and reminders for your convenience.

Testing This CDK Version

You can test this version of the CDK using the following:

# Run the CLI from this branch:
uvx 'git+https://github.com/airbytehq/airbyte-python-cdk.git@devin/1768528093-fix-docker-test-config-permissions#egg=airbyte-python-cdk[dev]' --help

# Update a connector to use the CDK from this branch ref:
cd airbyte-integrations/connectors/source-example
poe use-cdk-branch devin/1768528093-fix-docker-test-config-permissions

Helpful Resources

• CDK API Reference

PR Slash Commands

Airbyte Maintainers can execute the following slash commands on your PR:

• /autofix - Fixes most formatting and linting issues
• /poetry-lock - Updates poetry.lock file
• /test - Runs connector tests with the updated CDK
• /prerelease - Triggers a prerelease publish with default arguments
• /poe build - Regenerate git-committed build artifacts, such as the pydantic models which are generated from the manifest JSON schema in YAML.
• /poe <command> - Runs any poe command in the CDK environment

📝 Edit this welcome message.

[github-actions]

PyTest Results (Fast)

3 826 tests  ±0   3 814 ✅ ±0   6m 33s ⏱️ -12s
    1 suites ±0      12 💤 ±0 
    1 files   ±0       0 ❌ ±0 

Results for commit fed6158. ± Comparison against base commit d85cb1c.

[github-actions]

PyTest Results (Full)

3 829 tests  ±0   3 817 ✅ ±0   10m 51s ⏱️ -1s
    1 suites ±0      12 💤 ±0 
    1 files   ±0       0 ❌ ±0 

Results for commit fed6158. ± Comparison against base commit d85cb1c.