terraform-provider-databricks icon indicating copy to clipboard operation
terraform-provider-databricks copied to clipboard
verified publisher icon databricks

Add `http_headers` and `http_path_prefix` provider configuration options for HTTP proxy support

Open cjoy opened this issue 4 months ago • 3 comments

Added two new provider configuration options to support HTTP proxy scenarios where custom headers or URL path rewriting are required:

  • http_headers - A map of custom HTTP headers added to all API requests (marked as sensitive)
  • http_path_prefix - A path prefix prepended to all API request URLs

Changes:

  • Core Implementation (internal/providers/client/databricks_client.go):

    • Added HTTPConfig struct to hold custom headers and path prefix
    • Added httpTransportWrapper implementing http.RoundTripper that injects headers and prepends path prefix
    • Modified PrepareDatabricksClient to accept optional *HTTPConfig and configure HTTP transport

  • SDKv2 Provider (internal/providers/sdkv2/sdkv2.go):

    • Added http_headers schema field (TypeMap, optional, sensitive)
    • Added http_path_prefix schema field (TypeString, optional)
    • Updated ConfigureDatabricksClient to read and pass HTTP config

  • Plugin Framework Provider (internal/providers/pluginfw/pluginfw.go):

    • Added http_headers schema field (MapAttribute with StringType)
    • Added http_path_prefix schema field (StringAttribute)
    • Updated configureDatabricksClient to read and pass HTTP config

  • Unit Tests:

    • internal/providers/client/databricks_client_test.go: Tests for httpTransportWrapper RoundTrip behavior
    • internal/providers/sdkv2/sdkv2_test.go: Schema validation and configuration tests

Implementation Details:

  • Uses Go SDK's HTTPTransport field to inject a custom http.RoundTripper
  • Headers are set on each request via req.Header.Set()
  • Path prefix is prepended to req.URL.Path (trailing slashes are trimmed)
  • Both SDKv2 and Plugin Framework providers share the same underlying client configuration
  • http_headers is marked as sensitive to avoid logging credentials

Example Usage:

provider "databricks" {
  host  = "https://proxy.example.com"
  token = "your-token"

  http_headers = {
    "X-Custom-Auth" = "auth-value"
  }

  http_path_prefix = "/proxy"
}

Tests

  • [x] make test runs locally (2615 tests pass)
  • [x] relevant change in docs/ folder
  • [x] unit tests for HTTP transport wrapper and schema
  • [x] using Go SDK (config.HTTPTransport)
  • [x] using TF Plugin Framework
  • [x] has entry in NEXT_CHANGELOG.md file

cjoy avatar Nov 27 '25 07:11 cjoy

IMHO, it should be done in Go SDK and only then exposed to TF

alexott avatar Nov 27 '25 07:11 alexott

IMHO, it should be done in Go SDK and only then exposed to TF

@alexott Fair point. I've raised a PR here: https://github.com/databricks/databricks-sdk-go/pull/1340

cjoy avatar Nov 27 '25 07:11 cjoy

If integration tests don't run automatically, an authorized user can run them manually by following the instructions below:

Trigger: go/deco-tests-run/terraform

Inputs:

  • PR number: 5232
  • Commit SHA: 51b81181319d99e26edfc8ffb758f5aba38b4fd6

Checks will be approved automatically on success.

github-actions[bot] avatar Nov 28 '25 13:11 github-actions[bot]