@databricks/sdk-uc-secrets 0.0.0-dev → 0.1.0-dev.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,294 @@
1
+ // Code generated from API definition by Databricks SDK Generator. DO NOT EDIT.
2
+
3
+ import {VERSION as AUTH_VERSION} from '@databricks/sdk-auth';
4
+ import type {Call} from '@databricks/sdk-core/api';
5
+ import {createDefault} from '@databricks/sdk-core/clientinfo';
6
+ import type {Logger} from '@databricks/sdk-core/logger';
7
+ import {NoOpLogger} from '@databricks/sdk-core/logger';
8
+ import type {CallOptions} from '@databricks/sdk-options/call';
9
+ import type {ClientOptions} from '@databricks/sdk-options/client';
10
+ import type {HttpClient} from '@databricks/sdk-core/http';
11
+ import {newHttpClient} from './transport';
12
+ import {
13
+ buildHttpRequest,
14
+ executeCall,
15
+ executeHttpCall,
16
+ marshalRequest,
17
+ parseResponse,
18
+ } from './utils';
19
+ import pkgJson from '../../package.json' with {type: 'json'};
20
+ import type {
21
+ CreateSecretRequest,
22
+ DeleteSecretRequest,
23
+ GetSecretRequest,
24
+ ListSecretsRequest,
25
+ ListSecretsResponse,
26
+ Secret,
27
+ UpdateSecretRequest,
28
+ } from './model';
29
+ import {
30
+ marshalSecretSchema,
31
+ unmarshalListSecretsResponseSchema,
32
+ unmarshalSecretSchema,
33
+ } from './model';
34
+
35
+ // Package identity segment for this client to be used in the User-Agent header.
36
+ const PACKAGE_SEGMENT = {
37
+ key: 'sdk-js-' + pkgJson.name.replace(/^@[^/]+\/sdk-/, ''),
38
+ value: pkgJson.version,
39
+ };
40
+
41
+ export class SecretsClient {
42
+ private readonly host: string;
43
+ // Workspace ID used to route workspace-level calls on unified hosts (SPOG).
44
+ // When set, workspace-level methods send X-Databricks-Org-Id on every
45
+ // request.
46
+ private readonly workspaceId: string | undefined;
47
+ private readonly httpClient: HttpClient;
48
+ private readonly logger: Logger;
49
+ // User-Agent header value. Composed once at construction from
50
+ // createDefault() merged with this package's identity and the active
51
+ // credential's name.
52
+ private readonly userAgent: string;
53
+
54
+ constructor(options: ClientOptions) {
55
+ if (options.host === undefined) {
56
+ throw new Error('Host is required.');
57
+ }
58
+ this.host = options.host.replace(/\/$/, '');
59
+ this.workspaceId = options.workspaceId;
60
+ this.logger = options.logger ?? new NoOpLogger();
61
+ const info = createDefault()
62
+ .with(PACKAGE_SEGMENT)
63
+ .with({key: 'sdk-js-auth', value: AUTH_VERSION})
64
+ .with({key: 'auth', value: options.credentials?.name() ?? 'default'});
65
+ this.userAgent = info.toString();
66
+ this.httpClient = newHttpClient(options);
67
+ }
68
+
69
+ /**
70
+ * Creates a new secret in Unity Catalog.
71
+ *
72
+ * You must be the owner of the parent schema or have the **CREATE_SECRET** and **USE SCHEMA**
73
+ * privileges on the parent schema and **USE CATALOG** on the parent catalog.
74
+ *
75
+ * The secret is stored in the specified catalog and schema, and the **value** field
76
+ * contains the sensitive data to be securely stored.
77
+ */
78
+ async createSecret(
79
+ req: CreateSecretRequest,
80
+ options?: CallOptions
81
+ ): Promise<Secret> {
82
+ const url = `${this.host}/api/2.1/unity-catalog/secrets`;
83
+ const body = marshalRequest(req.secret, marshalSecretSchema);
84
+ let resp: Secret | undefined;
85
+ const call: Call = async (callSignal?: AbortSignal): Promise<void> => {
86
+ const headers = new Headers({'Content-Type': 'application/json'});
87
+ if (this.workspaceId !== undefined) {
88
+ headers.set('X-Databricks-Org-Id', this.workspaceId);
89
+ }
90
+ headers.set('User-Agent', this.userAgent);
91
+ const httpReq = buildHttpRequest('POST', url, headers, callSignal, body);
92
+ const respBody = await executeHttpCall({
93
+ request: httpReq,
94
+ httpClient: this.httpClient,
95
+ logger: this.logger,
96
+ });
97
+ resp = parseResponse(respBody, unmarshalSecretSchema);
98
+ };
99
+ await executeCall(call, options);
100
+ if (resp === undefined) {
101
+ throw new Error('API call completed without a result.');
102
+ }
103
+ return resp;
104
+ }
105
+
106
+ /**
107
+ * Deletes a secret by its three-level (fully qualified) name.
108
+ *
109
+ * You must be the owner of the secret or a metastore admin.
110
+ */
111
+ async deleteSecret(
112
+ req: DeleteSecretRequest,
113
+ options?: CallOptions
114
+ ): Promise<void> {
115
+ const url = `${this.host}/api/2.1/unity-catalog/secrets/${req.fullName ?? ''}`;
116
+ const call: Call = async (callSignal?: AbortSignal): Promise<void> => {
117
+ const headers = new Headers();
118
+ if (this.workspaceId !== undefined) {
119
+ headers.set('X-Databricks-Org-Id', this.workspaceId);
120
+ }
121
+ headers.set('User-Agent', this.userAgent);
122
+ const httpReq = buildHttpRequest('DELETE', url, headers, callSignal);
123
+ await executeHttpCall({
124
+ request: httpReq,
125
+ httpClient: this.httpClient,
126
+ logger: this.logger,
127
+ });
128
+ };
129
+ await executeCall(call, options);
130
+ }
131
+
132
+ /**
133
+ * Gets a secret by its three-level (fully qualified) name.
134
+ *
135
+ * You must be a metastore admin, the owner of the secret, or have the **MANAGE**
136
+ * privilege on the secret.
137
+ *
138
+ * The secret value isn't returned by default. To retrieve it, you must also have the
139
+ * **READ_SECRET** privilege and set **include_value** to true in the request.
140
+ */
141
+ async getSecret(
142
+ req: GetSecretRequest,
143
+ options?: CallOptions
144
+ ): Promise<Secret> {
145
+ const url = `${this.host}/api/2.1/unity-catalog/secrets/${req.fullName ?? ''}`;
146
+ const params = new URLSearchParams();
147
+ if (req.includeBrowse !== undefined) {
148
+ params.append('include_browse', String(req.includeBrowse));
149
+ }
150
+ const query = params.toString();
151
+ const fullUrl = query !== '' ? `${url}?${query}` : url;
152
+ let resp: Secret | undefined;
153
+ const call: Call = async (callSignal?: AbortSignal): Promise<void> => {
154
+ const headers = new Headers();
155
+ if (this.workspaceId !== undefined) {
156
+ headers.set('X-Databricks-Org-Id', this.workspaceId);
157
+ }
158
+ headers.set('User-Agent', this.userAgent);
159
+ const httpReq = buildHttpRequest('GET', fullUrl, headers, callSignal);
160
+ const respBody = await executeHttpCall({
161
+ request: httpReq,
162
+ httpClient: this.httpClient,
163
+ logger: this.logger,
164
+ });
165
+ resp = parseResponse(respBody, unmarshalSecretSchema);
166
+ };
167
+ await executeCall(call, options);
168
+ if (resp === undefined) {
169
+ throw new Error('API call completed without a result.');
170
+ }
171
+ return resp;
172
+ }
173
+
174
+ /**
175
+ * Lists secrets in Unity Catalog.
176
+ *
177
+ * You must be a metastore admin, the owner of the secret, or have the
178
+ * **MANAGE** privilege on the secret.
179
+ *
180
+ * Both **catalog_name** and **schema_name** must be specified together to filter secrets within
181
+ * a specific schema. Results are paginated; use the **page_token** field from the response
182
+ * to retrieve subsequent pages.
183
+ */
184
+ async listSecrets(
185
+ req: ListSecretsRequest,
186
+ options?: CallOptions
187
+ ): Promise<ListSecretsResponse> {
188
+ const url = `${this.host}/api/2.1/unity-catalog/secrets`;
189
+ const params = new URLSearchParams();
190
+ if (req.catalogName !== undefined) {
191
+ params.append('catalog_name', req.catalogName);
192
+ }
193
+ if (req.schemaName !== undefined) {
194
+ params.append('schema_name', req.schemaName);
195
+ }
196
+ if (req.includeBrowse !== undefined) {
197
+ params.append('include_browse', String(req.includeBrowse));
198
+ }
199
+ if (req.pageToken !== undefined) {
200
+ params.append('page_token', req.pageToken);
201
+ }
202
+ if (req.pageSize !== undefined) {
203
+ params.append('page_size', String(req.pageSize));
204
+ }
205
+ const query = params.toString();
206
+ const fullUrl = query !== '' ? `${url}?${query}` : url;
207
+ let resp: ListSecretsResponse | undefined;
208
+ const call: Call = async (callSignal?: AbortSignal): Promise<void> => {
209
+ const headers = new Headers();
210
+ if (this.workspaceId !== undefined) {
211
+ headers.set('X-Databricks-Org-Id', this.workspaceId);
212
+ }
213
+ headers.set('User-Agent', this.userAgent);
214
+ const httpReq = buildHttpRequest('GET', fullUrl, headers, callSignal);
215
+ const respBody = await executeHttpCall({
216
+ request: httpReq,
217
+ httpClient: this.httpClient,
218
+ logger: this.logger,
219
+ });
220
+ resp = parseResponse(respBody, unmarshalListSecretsResponseSchema);
221
+ };
222
+ await executeCall(call, options);
223
+ if (resp === undefined) {
224
+ throw new Error('API call completed without a result.');
225
+ }
226
+ return resp;
227
+ }
228
+
229
+ async *listSecretsIter(
230
+ req: ListSecretsRequest,
231
+ options?: CallOptions
232
+ ): AsyncGenerator<Secret> {
233
+ const pageReq: ListSecretsRequest = {...req};
234
+ for (;;) {
235
+ const resp = await this.listSecrets(pageReq, options);
236
+ for (const item of resp.secrets ?? []) {
237
+ yield item;
238
+ }
239
+ if (resp.nextPageToken === undefined || resp.nextPageToken === '') {
240
+ return;
241
+ }
242
+ pageReq.pageToken = resp.nextPageToken;
243
+ }
244
+ }
245
+
246
+ /**
247
+ * Updates an existing secret in Unity Catalog.
248
+ *
249
+ * You must be the owner of the secret or a metastore admin. If you are a metastore
250
+ * admin, only the **owner** field can be changed.
251
+ *
252
+ * Use the **update_mask** field to specify which fields to update. Supported updatable fields
253
+ * include **value**, **comment**, **owner**, and **expire_time**.
254
+ */
255
+ async updateSecret(
256
+ req: UpdateSecretRequest,
257
+ options?: CallOptions
258
+ ): Promise<Secret> {
259
+ const url = `${this.host}/api/2.1/unity-catalog/secrets/${req.fullName ?? ''}`;
260
+ const params = new URLSearchParams();
261
+ if (req.updateMask !== undefined) {
262
+ params.append('update_mask', req.updateMask.toString());
263
+ }
264
+ const query = params.toString();
265
+ const fullUrl = query !== '' ? `${url}?${query}` : url;
266
+ const body = marshalRequest(req.secret, marshalSecretSchema);
267
+ let resp: Secret | undefined;
268
+ const call: Call = async (callSignal?: AbortSignal): Promise<void> => {
269
+ const headers = new Headers({'Content-Type': 'application/json'});
270
+ if (this.workspaceId !== undefined) {
271
+ headers.set('X-Databricks-Org-Id', this.workspaceId);
272
+ }
273
+ headers.set('User-Agent', this.userAgent);
274
+ const httpReq = buildHttpRequest(
275
+ 'PATCH',
276
+ fullUrl,
277
+ headers,
278
+ callSignal,
279
+ body
280
+ );
281
+ const respBody = await executeHttpCall({
282
+ request: httpReq,
283
+ httpClient: this.httpClient,
284
+ logger: this.logger,
285
+ });
286
+ resp = parseResponse(respBody, unmarshalSecretSchema);
287
+ };
288
+ await executeCall(call, options);
289
+ if (resp === undefined) {
290
+ throw new Error('API call completed without a result.');
291
+ }
292
+ return resp;
293
+ }
294
+ }
@@ -0,0 +1,15 @@
1
+ // Code generated from API definition by Databricks SDK Generator. DO NOT EDIT.
2
+
3
+ export {SecretsClient} from './client';
4
+
5
+ export type {
6
+ CreateSecretRequest,
7
+ DeleteSecretRequest,
8
+ GetSecretRequest,
9
+ ListSecretsRequest,
10
+ ListSecretsResponse,
11
+ Secret,
12
+ UpdateSecretRequest,
13
+ } from './model';
14
+
15
+ export {secretFieldMask} from './model';
@@ -0,0 +1,296 @@
1
+ // Code generated from API definition by Databricks SDK Generator. DO NOT EDIT.
2
+
3
+ import {Temporal} from '@js-temporal/polyfill';
4
+ import {FieldMask} from '@databricks/sdk-core/wkt';
5
+ import type {FieldMaskSchema} from '@databricks/sdk-core/wkt';
6
+ import {z} from 'zod';
7
+
8
+ /** Request message for CreateSecret. */
9
+ export interface CreateSecretRequest {
10
+ /**
11
+ * The secret object to create. The **name**, **catalog_name**, **schema_name**, and **value**
12
+ * fields are required.
13
+ */
14
+ secret?: Secret | undefined;
15
+ }
16
+
17
+ /** Request message for DeleteSecret. */
18
+ export interface DeleteSecretRequest {
19
+ /**
20
+ * The three-level (fully qualified) name of the secret
21
+ * (for example, **catalog_name.schema_name.secret_name**).
22
+ */
23
+ fullName?: string | undefined;
24
+ }
25
+
26
+ /** Request message for GetSecret. */
27
+ export interface GetSecretRequest {
28
+ /**
29
+ * The three-level (fully qualified) name of the secret
30
+ * (for example, **catalog_name.schema_name.secret_name**).
31
+ */
32
+ fullName?: string | undefined;
33
+ /**
34
+ * Whether to include secrets in the response for which you only have the **BROWSE** privilege,
35
+ * which limits access to metadata.
36
+ */
37
+ includeBrowse?: boolean | undefined;
38
+ }
39
+
40
+ /** Request message for ListSecrets. */
41
+ export interface ListSecretsRequest {
42
+ /**
43
+ * The name of the catalog under which to list secrets. Both **catalog_name** and
44
+ * **schema_name** must be specified together.
45
+ */
46
+ catalogName?: string | undefined;
47
+ /**
48
+ * The name of the schema under which to list secrets. Both **catalog_name** and
49
+ * **schema_name** must be specified together.
50
+ */
51
+ schemaName?: string | undefined;
52
+ /**
53
+ * Whether to include secrets in the response for which you only have the **BROWSE** privilege,
54
+ * which limits access to metadata.
55
+ */
56
+ includeBrowse?: boolean | undefined;
57
+ /**
58
+ * Opaque pagination token to go to the next page based on previous query. The maximum page length
59
+ * is determined by a server configured value.
60
+ */
61
+ pageToken?: string | undefined;
62
+ /**
63
+ * Maximum number of secrets to return.
64
+ *
65
+ * - If not specified, at most 10000 secrets are returned.
66
+ * - If set to a value greater than 0, the page length is the minimum of this value and 10000.
67
+ * - If set to 0, the page length is set to 10000.
68
+ * - If set to a value less than 0, an invalid parameter error is returned.
69
+ */
70
+ pageSize?: number | undefined;
71
+ }
72
+
73
+ /** Response message for ListSecrets. */
74
+ export interface ListSecretsResponse {
75
+ /** An array of secret objects. */
76
+ secrets?: Secret[] | undefined;
77
+ /**
78
+ * Opaque token to retrieve the next page of results. Absent if there are no more pages.
79
+ * **page_token** should be set to this value for the next request.
80
+ */
81
+ nextPageToken?: string | undefined;
82
+ }
83
+
84
+ /**
85
+ * A secret stored in Unity Catalog. Secrets are three-level namespace objects
86
+ * (catalog.schema.secret) that securely store sensitive credential data such as
87
+ * passwords, tokens, and keys.
88
+ */
89
+ export interface Secret {
90
+ /** The name of the secret, relative to its parent schema. */
91
+ name?: string | undefined;
92
+ /**
93
+ * The owner of the secret. Defaults to the creating principal on creation. Can be updated to
94
+ * transfer ownership of the secret to another principal.
95
+ */
96
+ owner?: string | undefined;
97
+ /**
98
+ * The effective owner of the secret, which may differ from the directly-set **owner** due to
99
+ * inheritance.
100
+ */
101
+ effectiveOwner?: string | undefined;
102
+ /** Unique identifier of the metastore hosting the secret. */
103
+ metastoreId?: string | undefined;
104
+ /** The time at which this secret was created. */
105
+ createTime?: Temporal.Instant | undefined;
106
+ /** The principal that created the secret. */
107
+ createdBy?: string | undefined;
108
+ /** The time at which this secret was last updated. */
109
+ updateTime?: Temporal.Instant | undefined;
110
+ /** The principal that last updated the secret. */
111
+ updatedBy?: string | undefined;
112
+ /** User-provided free-form text description of the secret. */
113
+ comment?: string | undefined;
114
+ /** The three-level (fully qualified) name of the secret, in the form of **catalog_name.schema_name.secret_name**. */
115
+ fullName?: string | undefined;
116
+ /** The name of the catalog where the schema and the secret reside. */
117
+ catalogName?: string | undefined;
118
+ /** The name of the schema where the secret resides. */
119
+ schemaName?: string | undefined;
120
+ /**
121
+ * The secret value to store. This field is input-only and is not returned in responses — use
122
+ * the **effective_value** field (via GetSecret with **include_value** set to true) to read the
123
+ * secret value. The maximum size is 60 KiB (pre-encryption). Accepted content includes
124
+ * passwords, tokens, keys, and other sensitive credential data.
125
+ */
126
+ value?: string | undefined;
127
+ /**
128
+ * The secret value. Only populated in responses when you have the **READ_SECRET**
129
+ * privilege and **include_value** is set to true in the request. The maximum size is 60 KiB.
130
+ */
131
+ effectiveValue?: string | undefined;
132
+ /**
133
+ * Indicates whether the principal is limited to retrieving metadata for the associated object
134
+ * through the **BROWSE** privilege when **include_browse** is enabled in the request.
135
+ */
136
+ browseOnly?: boolean | undefined;
137
+ /**
138
+ * User-provided expiration time of the secret. This field indicates when the secret should no
139
+ * longer be used and may be displayed as a warning in the UI. It is purely informational and
140
+ * does not trigger any automatic actions or affect the secret's lifecycle.
141
+ */
142
+ expireTime?: Temporal.Instant | undefined;
143
+ externalSecretId?: string | undefined;
144
+ }
145
+
146
+ /** Request message for UpdateSecret. */
147
+ export interface UpdateSecretRequest {
148
+ /**
149
+ * The three-level (fully qualified) name of the secret
150
+ * (for example, **catalog_name.schema_name.secret_name**).
151
+ */
152
+ fullName?: string | undefined;
153
+ /**
154
+ * The secret object containing the fields to update. Only fields specified in **update_mask**
155
+ * will be updated.
156
+ */
157
+ secret?: Secret | undefined;
158
+ /**
159
+ * The field mask specifying which fields of the secret to update. Supported fields: **value**,
160
+ * **comment**, **owner**, **expire_time**.
161
+ */
162
+ updateMask?: FieldMask<Secret> | undefined;
163
+ }
164
+
165
+ export const unmarshalListSecretsResponseSchema: z.ZodType<ListSecretsResponse> =
166
+ z
167
+ .object({
168
+ secrets: z.array(z.lazy(() => unmarshalSecretSchema)).optional(),
169
+ next_page_token: z.string().optional(),
170
+ })
171
+ .transform(d => ({
172
+ secrets: d.secrets,
173
+ nextPageToken: d.next_page_token,
174
+ }));
175
+
176
+ export const unmarshalSecretSchema: z.ZodType<Secret> = z
177
+ .object({
178
+ name: z.string().optional(),
179
+ owner: z.string().optional(),
180
+ effective_owner: z.string().optional(),
181
+ metastore_id: z.string().optional(),
182
+ create_time: z
183
+ .string()
184
+ .transform(s => Temporal.Instant.from(s))
185
+ .optional(),
186
+ created_by: z.string().optional(),
187
+ update_time: z
188
+ .string()
189
+ .transform(s => Temporal.Instant.from(s))
190
+ .optional(),
191
+ updated_by: z.string().optional(),
192
+ comment: z.string().optional(),
193
+ full_name: z.string().optional(),
194
+ catalog_name: z.string().optional(),
195
+ schema_name: z.string().optional(),
196
+ value: z.string().optional(),
197
+ effective_value: z.string().optional(),
198
+ browse_only: z.boolean().optional(),
199
+ expire_time: z
200
+ .string()
201
+ .transform(s => Temporal.Instant.from(s))
202
+ .optional(),
203
+ external_secret_id: z.string().optional(),
204
+ })
205
+ .transform(d => ({
206
+ name: d.name,
207
+ owner: d.owner,
208
+ effectiveOwner: d.effective_owner,
209
+ metastoreId: d.metastore_id,
210
+ createTime: d.create_time,
211
+ createdBy: d.created_by,
212
+ updateTime: d.update_time,
213
+ updatedBy: d.updated_by,
214
+ comment: d.comment,
215
+ fullName: d.full_name,
216
+ catalogName: d.catalog_name,
217
+ schemaName: d.schema_name,
218
+ value: d.value,
219
+ effectiveValue: d.effective_value,
220
+ browseOnly: d.browse_only,
221
+ expireTime: d.expire_time,
222
+ externalSecretId: d.external_secret_id,
223
+ }));
224
+
225
+ export const marshalSecretSchema: z.ZodType = z
226
+ .object({
227
+ name: z.string().optional(),
228
+ owner: z.string().optional(),
229
+ effectiveOwner: z.string().optional(),
230
+ metastoreId: z.string().optional(),
231
+ createTime: z
232
+ .any()
233
+ .transform((d: Temporal.Instant) => d.toString())
234
+ .optional(),
235
+ createdBy: z.string().optional(),
236
+ updateTime: z
237
+ .any()
238
+ .transform((d: Temporal.Instant) => d.toString())
239
+ .optional(),
240
+ updatedBy: z.string().optional(),
241
+ comment: z.string().optional(),
242
+ fullName: z.string().optional(),
243
+ catalogName: z.string().optional(),
244
+ schemaName: z.string().optional(),
245
+ value: z.string().optional(),
246
+ effectiveValue: z.string().optional(),
247
+ browseOnly: z.boolean().optional(),
248
+ expireTime: z
249
+ .any()
250
+ .transform((d: Temporal.Instant) => d.toString())
251
+ .optional(),
252
+ externalSecretId: z.string().optional(),
253
+ })
254
+ .transform(d => ({
255
+ name: d.name,
256
+ owner: d.owner,
257
+ effective_owner: d.effectiveOwner,
258
+ metastore_id: d.metastoreId,
259
+ create_time: d.createTime,
260
+ created_by: d.createdBy,
261
+ update_time: d.updateTime,
262
+ updated_by: d.updatedBy,
263
+ comment: d.comment,
264
+ full_name: d.fullName,
265
+ catalog_name: d.catalogName,
266
+ schema_name: d.schemaName,
267
+ value: d.value,
268
+ effective_value: d.effectiveValue,
269
+ browse_only: d.browseOnly,
270
+ expire_time: d.expireTime,
271
+ external_secret_id: d.externalSecretId,
272
+ }));
273
+
274
+ const secretFieldMaskSchema: FieldMaskSchema = {
275
+ browseOnly: {wire: 'browse_only'},
276
+ catalogName: {wire: 'catalog_name'},
277
+ comment: {wire: 'comment'},
278
+ createTime: {wire: 'create_time'},
279
+ createdBy: {wire: 'created_by'},
280
+ effectiveOwner: {wire: 'effective_owner'},
281
+ effectiveValue: {wire: 'effective_value'},
282
+ expireTime: {wire: 'expire_time'},
283
+ externalSecretId: {wire: 'external_secret_id'},
284
+ fullName: {wire: 'full_name'},
285
+ metastoreId: {wire: 'metastore_id'},
286
+ name: {wire: 'name'},
287
+ owner: {wire: 'owner'},
288
+ schemaName: {wire: 'schema_name'},
289
+ updateTime: {wire: 'update_time'},
290
+ updatedBy: {wire: 'updated_by'},
291
+ value: {wire: 'value'},
292
+ };
293
+
294
+ export function secretFieldMask(...paths: string[]): FieldMask<Secret> {
295
+ return FieldMask.build<Secret>(paths, secretFieldMaskSchema);
296
+ }
@@ -0,0 +1,73 @@
1
+ // Code generated from API definition by Databricks SDK Generator. DO NOT EDIT.
2
+
3
+ import type {Credentials} from '@databricks/sdk-auth';
4
+ import {defaultCredentials} from '@databricks/sdk-auth/credentials';
5
+ import type {
6
+ HttpClient,
7
+ HttpRequest,
8
+ HttpResponse,
9
+ } from '@databricks/sdk-core/http';
10
+ import {newFetchHttpClient} from '@databricks/sdk-core/http';
11
+ import type {ClientOptions} from '@databricks/sdk-options/client';
12
+
13
+ /** Creates a new HTTP client with the given options. */
14
+ export function newHttpClient(options?: ClientOptions): HttpClient {
15
+ const opts = options ?? {};
16
+
17
+ // If an HTTP client is provided, use it as-is. Throw if other options are
18
+ // also set, since they would be silently ignored.
19
+ if (opts.httpClient !== undefined) {
20
+ if (opts.credentials !== undefined || opts.timeout !== undefined) {
21
+ throw new Error(
22
+ 'httpClient cannot be combined with credentials or timeout'
23
+ );
24
+ }
25
+ return opts.httpClient;
26
+ }
27
+
28
+ const credentials = opts.credentials ?? defaultCredentials();
29
+
30
+ const base = newFetchHttpClient();
31
+ let client: HttpClient = new AuthHttpClient(base, credentials);
32
+
33
+ if (opts.timeout !== undefined) {
34
+ client = new TimeoutHttpClient(client, opts.timeout);
35
+ }
36
+
37
+ return client;
38
+ }
39
+
40
+ /** Wraps an HttpClient and adds authentication headers to requests. */
41
+ class AuthHttpClient implements HttpClient {
42
+ constructor(
43
+ private readonly base: HttpClient,
44
+ private readonly credentials: Credentials
45
+ ) {}
46
+
47
+ async send(request: HttpRequest): Promise<HttpResponse> {
48
+ const authHeaders = await this.credentials.authHeaders();
49
+ // Do not modify the original request.
50
+ const headers = new Headers(request.headers);
51
+ for (const h of authHeaders) {
52
+ headers.set(h.key, h.value);
53
+ }
54
+ return this.base.send({...request, headers});
55
+ }
56
+ }
57
+
58
+ /** Wraps an HttpClient and applies a default timeout to requests. */
59
+ class TimeoutHttpClient implements HttpClient {
60
+ constructor(
61
+ private readonly base: HttpClient,
62
+ private readonly timeout: number
63
+ ) {}
64
+
65
+ async send(request: HttpRequest): Promise<HttpResponse> {
66
+ const timeoutSignal = AbortSignal.timeout(this.timeout);
67
+ const signal =
68
+ request.signal !== undefined
69
+ ? AbortSignal.any([request.signal, timeoutSignal])
70
+ : timeoutSignal;
71
+ return this.base.send({...request, signal});
72
+ }
73
+ }