Add consolidated manage_secrets tool (scopes and secrets CRUD)#417
Closed
jralfonsog wants to merge 8 commits intodatabricks-solutions:mainfrom
Closed
Add consolidated manage_secrets tool (scopes and secrets CRUD)#417jralfonsog wants to merge 8 commits intodatabricks-solutions:mainfrom
jralfonsog wants to merge 8 commits intodatabricks-solutions:mainfrom
Conversation
Scope CRUD (create, list, delete) and secret operations (put, get, list, delete). get_secret defaults to metadata-only (exists + byte length) to prevent leaking values into LLM context. Full value retrieval is opt-in via return_value=True for programmatic use only. Co-authored-by: Isaac
7 tools: create/list/delete scopes, put/get/list/delete secrets. get_secret returns metadata only (exists + byte length) — secret values are never exposed to the LLM. Scope create/delete integrates with manifest resource tracking. Co-authored-by: Isaac
Covers create/list/delete scopes, put/get/list/delete secrets, metadata-only vs full-value get_secret modes, validation errors, and not-found handling. Co-authored-by: Isaac
- Docstrings: opening """ on its own line - MCP module header: add tool listing - Returns sections: bullet list format for dict keys - Manifest imports: late imports in try blocks - Idempotent create: create_secret_scope returns created flag on ResourceAlreadyExists - MCP tool renamed to create_or_update_secret_scope Co-authored-by: Isaac
Co-authored-by: Isaac
jralfonsog
force-pushed
the
feat/secrets-management
branch
from
962cc24 to
ea89315
Compare
Replace 7 separate MCP tools with a single manage_secrets(action=...) tool following the consolidation pattern from PR databricks-solutions#394. Actions: create_scope, list_scopes, delete_scope, put, get, list, delete. Adds manifest tracking via direct imports instead of lazy imports. Co-authored-by: Isaac
25 unit tests covering all 7 actions: happy paths, missing required params, manifest tracking/removal, case insensitivity, and invalid action handling. Tests call _manage_secrets_impl directly to avoid MCP decorator overhead. Co-authored-by: Isaac
Replace 7 individual tool references with single manage_secrets(action=...) table. Update all code examples to use the consolidated tool signature. Co-authored-by: Isaac
jralfonsog
changed the title
Collaborator
|
Thank you for the contribution! While we don't think this content aligns with what we're looking for at this time — we're actively monitoring tool and skill bloat, and require use of our testing framework for contributions to be merged — we appreciate you opening these PRs! While I can't see your name on GitHub, if you're at Databricks feel free to reach out on Slack. 👍 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
manage_secrets(action=...)— 7 actions for managing secret scopes and secretsdatabricks-secretsskill with consolidated tool examplesTool consolidation
create_scopelist_scopesdelete_scopeputgetlistdeleteIncludes manifest tracking (
track_resource/remove_resource) on scope create/delete.Test plan
This pull request was AI-assisted by Isaac.