Skip to content
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
58 commits
Select commit Hold shift + click to select a range
f36f06b
Work around a failing unit test.
asnare Mar 30, 2026
7cef077
Fix broken pip output capture.
asnare Mar 30, 2026
116dc07
Merge branch 'main' into fix/pip-output-capture
asnare Mar 31, 2026
46ed961
Merge branch 'main' into fix/test-load-typed-file
asnare Mar 31, 2026
57a18f3
Merge branch 'main' into fix/pip-output-capture
asnare Mar 31, 2026
b48c368
Merge branch 'main' into fix/test-load-typed-file
asnare Mar 31, 2026
81e9051
Merge branch 'main' into fix/test-load-typed-file
asnare Mar 31, 2026
660ce8a
Merge branch 'main' into fix/pip-output-capture
asnare Mar 31, 2026
e31af3f
Ensure shell-script escaping is in place.
asnare Apr 7, 2026
6324ad4
Merge branch 'main' into fix/test-load-typed-file
asnare Apr 7, 2026
0cffbab
Try to fix acceptance/downstream tests.
asnare Apr 8, 2026
6276eb5
Revert to single-command pre_setup.
asnare Apr 8, 2026
8a74b91
Debugging for acceptance CI/CD.
asnare Apr 8, 2026
356cd1b
Drop debugging.
asnare Apr 8, 2026
611665e
Configure the PyPi development proxy.
asnare Apr 8, 2026
b73d7a2
Ensure the proxy is configured for all steps.
asnare Apr 8, 2026
7e779b4
Revert "Drop debugging."
asnare Apr 8, 2026
d7bfa9e
Set up JFrog authentication.
asnare Apr 8, 2026
78f3983
YAML quoting.
asnare Apr 8, 2026
45521c5
Nuke stray quote.
asnare Apr 8, 2026
f65cd7d
Try to authenticate against jfrog.
asnare Apr 8, 2026
755fdc0
Fix typo in command.
asnare Apr 8, 2026
986bff2
Try to authenticate a different way
asnare Apr 8, 2026
aaa1836
Fix typo in argument name.
asnare Apr 8, 2026
1391b4a
Universal pin.
asnare Apr 8, 2026
caec415
Ensure that hatchling is always pinned when builds are needed.
asnare Apr 8, 2026
971c88d
Try to ensure .build-constraints.txt doesn't end up empty.
asnare Apr 8, 2026
9f49dbd
Debug uv auth
asnare Apr 8, 2026
5683d5c
More debugging.
asnare Apr 8, 2026
c9e597f
Debugging CI/CD
asnare Apr 8, 2026
d4c48f1
Remove debugging.
asnare Apr 8, 2026
6bbf0c3
Drop cooldown from project configuration, rely on proxies to enforce it.
asnare Apr 8, 2026
f25ee8a
When setting up the environment, just use the lockfile rather that tr…
asnare Apr 8, 2026
7a0807e
Fix path traversal.
asnare Apr 8, 2026
5a6c51e
Update to use the runners that we are supposed to use.
asnare Apr 9, 2026
e0c6c41
Fix release workflow syntax.
asnare Apr 9, 2026
8740976
Fix runner labels.
asnare Apr 9, 2026
f7c0107
Fix runner specification.
asnare Apr 9, 2026
39fc2ac
Configure workflows to use JFrog.
asnare Apr 9, 2026
f2d821c
Fix step name.
asnare Apr 9, 2026
4a35939
Ensure jobs that need to auth against JFrog have id-token access.
asnare Apr 9, 2026
82264bc
Ensure CI/CD runs in frozen mode.
asnare Apr 9, 2026
b262a03
Fix typo: UI_FROZEN -> UV_FROZEN
asnare Apr 9, 2026
83bd4cb
Merge branch 'main' into fix/test-load-typed-file
asnare Apr 10, 2026
f021842
Merge branch 'main' into fix/pip-output-capture
asnare Apr 10, 2026
2e74d08
Merge branch 'main' into shell-script-escaping
asnare Apr 10, 2026
5bda0e2
Drop the release workflow entirely.
asnare Apr 10, 2026
efa9617
Factor out more of the JFrog setup, and add support for pip.
asnare Apr 10, 2026
11a71c7
Mark the composite action for later extraction to a common repository.
asnare Apr 10, 2026
a198f2d
Merge branch 'fix/test-load-typed-file' into pre-main
asnare Apr 10, 2026
45e703d
Merge branch 'fix/pip-output-capture' into pre-main
asnare Apr 10, 2026
426bf7e
Merge branch 'shell-script-escaping' into pre-main
asnare Apr 10, 2026
33dae7c
Also run acceptance tests, on this branch.
asnare Apr 10, 2026
695b9ee
Tighten action use.
asnare Apr 10, 2026
81f4d8b
Tighten action use.
asnare Apr 10, 2026
c6cc497
Merge branch 'more-gha-fixes' into pre-main
asnare Apr 10, 2026
1455faf
Formatting.
asnare Apr 10, 2026
723c9cc
Merge branch 'more-gha-fixes' into pre-main
asnare Apr 10, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .codegen.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
"src/databricks/labs/blueprint/__about__.py": "__version__ = \"$VERSION\""
},
"toolchain": {
"required": ["make","uv"],
"required": ["make", "uv"],
"pre_setup": ["make dev"],
"prepend_path": ".venv/bin",
"acceptance_path": "tests/integration",
Expand Down
36 changes: 36 additions & 0 deletions .github/actions/jfrog-auth/action.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
name: 'Authenticate for JFrog'
description: 'Authenticate with JFrog using OIDC based on the GitHub repository.'
# TODO: Factor out into an external action, once releases are allowed.
outputs:
jfrog-access-token:
description: "Access token for JFrog"
Expand All @@ -12,3 +13,38 @@ runs:
shell: bash
run: |
"${GITHUB_ACTION_PATH}/jfrog-auth" "${ACTIONS_ID_TOKEN_REQUEST_URL}" "${ACTIONS_ID_TOKEN_REQUEST_TOKEN}"

- id: detect-cmds
name: Detecting python package/project managers.
shell: bash
run: |
for cmd in pip3 uv
do
command -v "${cmd}" > /dev/null && found=true || found=false
printf '::debug::%s\n' "Found ${cmd}: ${found}"
printf '%s=%s\n' "command_${cmd}" "${found}" >> "${GITHUB_OUTPUT}"
done

- name: Configure pip for JFrog
if: "${{ steps.detect-cmds.outputs.command_pip3 == 'true' }}"
shell: bash
env:
JFROG_ACCESS_TOKEN: "${{ steps.jfrog-auth.outputs.jfrog-access-token }}"
run: |
umask 077
cat > "$RUNNER_TEMP/.pip.conf" <<EOF
[global]
index-url = https://gha-service-account:${JFROG_ACCESS_TOKEN}@databricks.jfrog.io/artifactory/api/pypi/db-pypi/simple
EOF
printf '%s=%s\n' 'PIP_CONFIG_FILE' "${RUNNER_TEMP}/.pip.conf" >> "${GITHUB_ENV}"

- name: Configure uv for JFrog
if: "${{ steps.detect-cmds.outputs.command_uv == 'true' }}"
shell: bash
env:
JFROG_ACCESS_TOKEN: "${{ steps.jfrog-auth.outputs.jfrog-access-token }}"
UV_INDEX_URL: 'https://databricks.jfrog.io/artifactory/api/pypi/db-pypi/simple'
run: |
uv auth login "${UV_INDEX_URL}" --username gha-service-account --password "${JFROG_ACCESS_TOKEN}"
printf "%s=%s\n" 'UV_INDEX_URL' "${UV_INDEX_URL}" >> "${GITHUB_ENV}"
printf "%s=%s\n" 'UV_FROZEN' '1' >> "${GITHUB_ENV}"
13 changes: 2 additions & 11 deletions .github/workflows/acceptance.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ permissions:

jobs:
integration:
if: github.event_name == 'pull_request' && github.event.pull_request.draft == false
if: github.event_name == 'pull_request'
environment: runtime
permissions:
# Access to JFrog and the integration testing infrastructure.
Expand All @@ -19,9 +19,6 @@ jobs:
runs-on:
group: larger-runners
labels: larger
env:
UV_FROZEN: 1
UV_INDEX_URL: https://databricks.jfrog.io/artifactory/api/pypi/db-pypi/simple # Authentication needed, below.
steps:
- name: Checkout Code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
Expand All @@ -34,15 +31,9 @@ jobs:
version: "0.11.2"
checksum: "7ac2ca0449c8d68dae9b99e635cd3bc9b22a4cb1de64b7c43716398447d42981" # uv-x86_64-unknown-linux-gnu.tar.gz

- name: Authenticate against JFrog
id: jfrog-auth
- name: Setup for JFrog
uses: ./.github/actions/jfrog-auth

- name: Configure uv authentication for JFrog
env:
JFROG_ACCESS_TOKEN: "${{ steps.jfrog-auth.outputs.jfrog-access-token }}"
run: uv auth login "${UV_INDEX_URL}" --username gha-service-account --password "${JFROG_ACCESS_TOKEN}"

- name: Acceptance
uses: databrickslabs/sandbox/acceptance@3313d06ce86227537b3f37f5974f7eecb2a8e59a # acceptance/v0.4.4
with:
Expand Down
11 changes: 1 addition & 10 deletions .github/workflows/downstreams.yml
Original file line number Diff line number Diff line change
Expand Up @@ -35,9 +35,6 @@ jobs:
id-token: write
# Write test results to the PR.
pull-requests: write
env:
UV_FROZEN: 1
UV_INDEX_URL: https://databricks.jfrog.io/artifactory/api/pypi/db-pypi/simple # Authentication needed, below.
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
Expand All @@ -50,15 +47,9 @@ jobs:
version: "0.11.2"
checksum: "7ac2ca0449c8d68dae9b99e635cd3bc9b22a4cb1de64b7c43716398447d42981" # uv-x86_64-unknown-linux-gnu.tar.gz

- name: Authenticate against JFrog
id: jfrog-auth
- name: Setup for JFrog
uses: ./.github/actions/jfrog-auth

- name: Configure uv authentication for JFrog
env:
JFROG_ACCESS_TOKEN: "${{ steps.jfrog-auth.outputs.jfrog-access-token }}"
run: uv auth login "${UV_INDEX_URL}" --username gha-service-account --password "${JFROG_ACCESS_TOKEN}"

- name: Acceptance
run: printf '::error::%s\n' "Downstream tests disabled pending repository lockdown."
# uses: databrickslabs/sandbox/downstreams@3313d06ce86227537b3f37f5974f7eecb2a8e59a # acceptance/v0.4.4
Expand Down
11 changes: 1 addition & 10 deletions .github/workflows/nightly.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,6 @@ jobs:
runs-on:
group: larger-runners
labels: larger
env:
UV_FROZEN: 1
UV_INDEX_URL: https://databricks.jfrog.io/artifactory/api/pypi/db-pypi/simple # Authentication needed, below.
steps:
- name: Checkout Code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
Expand All @@ -38,15 +35,9 @@ jobs:
version: "0.11.2"
checksum: "7ac2ca0449c8d68dae9b99e635cd3bc9b22a4cb1de64b7c43716398447d42981" # uv-x86_64-unknown-linux-gnu.tar.gz

- name: Authenticate against JFrog
id: jfrog-auth
- name: Setup for JFrog
uses: ./.github/actions/jfrog-auth

- name: Configure uv authentication for JFrog
env:
JFROG_ACCESS_TOKEN: "${{ steps.jfrog-auth.outputs.jfrog-access-token }}"
run: uv auth login "${UV_INDEX_URL}" --username gha-service-account --password "${JFROG_ACCESS_TOKEN}"

- name: Run nightly tests
uses: databrickslabs/sandbox/acceptance@3313d06ce86227537b3f37f5974f7eecb2a8e59a # acceptance/v0.4.4
with:
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/no-cheat.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,10 +20,10 @@ jobs:

- name: Verify no lint is disabled in the new code
run: |
git fetch origin $GITHUB_BASE_REF:$GITHUB_BASE_REF
git diff $GITHUB_BASE_REF...$(git branch --show-current) >> diff_data.txt
git fetch origin "${GITHUB_BASE_REF}:${GITHUB_BASE_REF}"
git diff "${GITHUB_BASE_REF}...$(git branch --show-current)" >> diff_data.txt
python tests/unit/no_cheat.py diff_data.txt >> cheats.txt
COUNT=$(cat cheats.txt | wc -c)
COUNT="$(cat cheats.txt | wc -c)"
if [ ${COUNT} -gt 1 ]; then
cat cheats.txt
exit 1
Expand Down
21 changes: 2 additions & 19 deletions .github/workflows/push.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,6 @@ jobs:
permissions:
id-token: write # JFrog OIDC
env:
UV_FROZEN: 1
UV_INDEX_URL: https://databricks.jfrog.io/artifactory/api/pypi/db-pypi/simple # Authentication needed, below.
UV_PYTHON: "${{ matrix.python }}"
steps:
- name: Checkout
Expand All @@ -42,15 +40,9 @@ jobs:
version: "0.11.2"
checksum: "7ac2ca0449c8d68dae9b99e635cd3bc9b22a4cb1de64b7c43716398447d42981" # uv-x86_64-unknown-linux-gnu.tar.gz

- name: Authenticate against JFrog
id: jfrog-auth
- name: Setup for JFrog
uses: ./.github/actions/jfrog-auth

- name: Configure uv authentication for JFrog
env:
JFROG_ACCESS_TOKEN: "${{ steps.jfrog-auth.outputs.jfrog-access-token }}"
run: uv auth login "${UV_INDEX_URL}" --username gha-service-account --password "${JFROG_ACCESS_TOKEN}"

- name: Initialize the project
run: make dev

Expand All @@ -68,9 +60,6 @@ jobs:
labels: linux-ubuntu-latest
permissions:
id-token: write # JFrog OIDC
env:
UV_FROZEN: 1
UV_INDEX_URL: https://databricks.jfrog.io/artifactory/api/pypi/db-pypi/simple # Authentication needed, below.
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
Expand All @@ -81,15 +70,9 @@ jobs:
version: "0.11.2"
checksum: "7ac2ca0449c8d68dae9b99e635cd3bc9b22a4cb1de64b7c43716398447d42981" # uv-x86_64-unknown-linux-gnu.tar.gz

- name: Authenticate against JFrog
id: jfrog-auth
- name: Setup for JFrog
uses: ./.github/actions/jfrog-auth

- name: Configure uv authentication for JFrog
env:
JFROG_ACCESS_TOKEN: "${{ steps.jfrog-auth.outputs.jfrog-access-token }}"
run: uv auth login "${UV_INDEX_URL}" --username gha-service-account --password "${JFROG_ACCESS_TOKEN}"

- name: Initialize the project
run: make dev

Expand Down
63 changes: 0 additions & 63 deletions .github/workflows/release.yml

This file was deleted.

10 changes: 5 additions & 5 deletions src/databricks/labs/blueprint/wheels.py
Original file line number Diff line number Diff line change
Expand Up @@ -280,11 +280,11 @@ def _build_wheel(self, tmp_dir: str, *, verbose: bool = False, no_deps: bool = T
:param no_deps: bool: (Default value = True)
:param dirs_exist_ok: bool: (Default value = False)
"""
stdout = subprocess.STDOUT
stderr = subprocess.STDOUT
if not verbose:
stdout = subprocess.DEVNULL
stderr = subprocess.DEVNULL
stdout: int | None = subprocess.DEVNULL
stderr = subprocess.DEVNULL
if verbose:
stdout = None # Pass-through.
stderr = subprocess.STDOUT # Redirected to stdout
checkout_root = self._product_info.checkout_root()
if self._product_info.is_git_checkout() and self._product_info.is_unreleased_version():
# working copy becomes project root for building a wheel
Expand Down
17 changes: 16 additions & 1 deletion tests/unit/test_installation.py
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,21 @@
)


@pytest.fixture
def suspend_config_host_metadata_lookup(monkeypatch: pytest.MonkeyPatch) -> None:
"""Suspend host metadata lookups from the SDKs Config class.

As of version 0.102.0 of the Databricks SDK, the `Config` class during __init__() makes a network call with a
timeout of 5 minutes if the target host does not exist. For unit tests, it never does. This fixture therefore
patches over that lookup to ensure it doesn't get in the way of our tests.
"""

def _fake_resolve_host_metadata(self) -> None:
return

monkeypatch.setattr(Config, "_resolve_host_metadata", _fake_resolve_host_metadata)


def test_current_not_found() -> None:
ws = create_autospec(WorkspaceClient)
ws.current_user.me().user_name = "foo"
Expand Down Expand Up @@ -180,7 +195,7 @@ def test_save_typed_file_array_csv() -> None:
)


def test_load_typed_file() -> None:
def test_load_typed_file(suspend_config_host_metadata_lookup: None) -> None:
ws = create_autospec(WorkspaceClient)
ws.current_user.me().user_name = "foo"
ws.workspace.download.return_value = io.StringIO(
Expand Down
Loading