make fmt

nkvuong · nkvuong · commit 6a4b042d29be · 2024-03-12T16:55:54.000Z
diff --git a/src/databricks/labs/ucx/cli.py b/src/databricks/labs/ucx/cli.py
@@ -203,12 +203,12 @@ def revert_migrated_tables(w: WorkspaceClient, schema: str, table: str, *, delet
 
 @ucx.command
 def move(
-        w: WorkspaceClient,
-        from_catalog: str,
-        from_schema: str,
-        from_table: str,
-        to_catalog: str,
-        to_schema: str,
+    w: WorkspaceClient,
+    from_catalog: str,
+    from_schema: str,
+    from_table: str,
+    to_catalog: str,
+    to_schema: str,
 ):
     """move a uc table/tables from one schema to another schema in same or different catalog"""
     logger.info("Running move command")
@@ -230,12 +230,12 @@ def move(
 
 @ucx.command
 def alias(
-        w: WorkspaceClient,
-        from_catalog: str,
-        from_schema: str,
-        from_table: str,
-        to_catalog: str,
-        to_schema: str,
+    w: WorkspaceClient,
+    from_catalog: str,
+    from_schema: str,
+    from_table: str,
+    to_catalog: str,
+    to_schema: str,
 ):
     """move a uc table/tables from one schema to another schema in same or different catalog"""
     if from_catalog == "" or to_catalog == "":
@@ -253,13 +253,13 @@ def alias(
 
 
 def _execute_for_cloud(
-        w: WorkspaceClient,
-        func_azure: Callable,
-        func_aws: Callable,
-        azure_resource_permissions: AzureResourcePermissions | None = None,
-        subscription_id: str | None = None,
-        aws_permissions: AWSResourcePermissions = None,
-        aws_profile: str | None = None,
+    w: WorkspaceClient,
+    func_azure: Callable,
+    func_aws: Callable,
+    azure_resource_permissions: AzureResourcePermissions | None = None,
+    subscription_id: str | None = None,
+    aws_permissions: AWSResourcePermissions | None = None,
+    aws_profile: str | None = None,
 ):
     if w.config.is_azure:
         if w.config.auth_type != "azure-cli":
@@ -287,66 +287,85 @@ def _execute_for_cloud(
 
 
 @ucx.command
-def create_uber_principal(w: WorkspaceClient, subscription_id: str | None = None,
-                          azure_resource_permissions: AzureResourcePermissions | None = None,
-                          aws_profile: str | None = None,
-                          aws_resource_permissions: AWSResourcePermissions | None = None):
+def create_uber_principal(
+    w: WorkspaceClient,
+    subscription_id: str | None = None,
+    azure_resource_permissions: AzureResourcePermissions | None = None,
+    aws_profile: str | None = None,
+    aws_resource_permissions: AWSResourcePermissions | None = None,
+):
     """For azure cloud, creates a service principal and gives STORAGE BLOB READER access on all the storage account
     used by tables in the workspace and stores the spn info in the UCX cluster policy. For aws,
     it identifies all s3 buckets used by the Instance Profiles configured in the workspace.
     Pass subscription_id for azure and aws_profile for aws."""
-    return _execute_for_cloud(w, _azure_setup_uber_principal, _aws_setup_uber_principal,
-                              azure_resource_permissions, subscription_id,
-                              aws_resource_permissions, aws_profile)
+    return _execute_for_cloud(
+        w,
+        _azure_setup_uber_principal,
+        _aws_setup_uber_principal,
+        azure_resource_permissions,
+        subscription_id,
+        aws_resource_permissions,
+        aws_profile,
+    )
 
 
-def _azure_setup_uber_principal(w: WorkspaceClient, subscription_id: str,
-                                azure_resource_permissions: AzureResourcePermissions = None):
+def _azure_setup_uber_principal(
+    w: WorkspaceClient, subscription_id: str, azure_resource_permissions: AzureResourcePermissions | None = None
+):
     prompts = Prompts()
     include_subscriptions = [subscription_id] if subscription_id else None
-    if not azure_resource_permissions:
+    if azure_resource_permissions is None:
         azure_resource_permissions = AzureResourcePermissions.for_cli(w, include_subscriptions=include_subscriptions)
     azure_resource_permissions.create_uber_principal(prompts)
 
 
-def _aws_setup_uber_principal(w: WorkspaceClient, aws_profile: str,
-                              aws_resource_permissions: AWSResourcePermissions = None):
+def _aws_setup_uber_principal(
+    w: WorkspaceClient, aws_profile: str, aws_resource_permissions: AWSResourcePermissions | None = None
+):
     prompts = Prompts()
     installation = Installation.current(w, 'ucx')
     config = installation.load(WorkspaceConfig)
     sql_backend = StatementExecutionBackend(w, config.warehouse_id)
     aws = AWSResources(aws_profile)
-    aws_resource_permissions = AWSResourcePermissions.for_cli(
-        w, installation, sql_backend, aws, config.inventory_database
-    )
+    if aws_resource_permissions is None:
+        aws_resource_permissions = AWSResourcePermissions.for_cli(
+            w, installation, sql_backend, aws, config.inventory_database
+        )
     aws_resource_permissions.create_uber_principal(prompts)
 
 
 @ucx.command
-def principal_prefix_access(w: WorkspaceClient,
-                            subscription_id: str | None = None,
-                            azure_resource_permissions: AzureResourcePermissions | None = None,
-                            aws_profile: str | None = None,
-                            aws_resource_permissions: AWSResourcePermissions | None = None
-                            ):
+def principal_prefix_access(
+    w: WorkspaceClient,
+    subscription_id: str | None = None,
+    azure_resource_permissions: AzureResourcePermissions | None = None,
+    aws_profile: str | None = None,
+    aws_resource_permissions: AWSResourcePermissions | None = None,
+):
     """For azure cloud, identifies all storage accounts used by tables in the workspace, identify spn and its
     permission on each storage accounts. For aws, identifies all the Instance Profiles configured in the workspace and
     its access to all the S3 buckets, along with AWS roles that are set with UC access and its access to S3 buckets.
     The output is stored in the workspace install folder.
     Pass subscription_id for azure and aws_profile for aws."""
     return _execute_for_cloud(
-        w, _azure_principal_prefix_access, _aws_principal_prefix_access, azure_resource_permissions,
-        subscription_id, aws_resource_permissions, aws_profile
+        w,
+        _azure_principal_prefix_access,
+        _aws_principal_prefix_access,
+        azure_resource_permissions,
+        subscription_id,
+        aws_resource_permissions,
+        aws_profile,
     )
 
 
-def _azure_principal_prefix_access(w: WorkspaceClient, subscription_id: str,
-                                   azure_resource_permissions: AzureResourcePermissions = None):
+def _azure_principal_prefix_access(
+    w: WorkspaceClient, subscription_id: str, azure_resource_permissions: AzureResourcePermissions | None = None
+):
     if w.config.auth_type != "azure-cli":
         logger.error("In order to obtain AAD token, Please run azure cli to authenticate.")
         return
     include_subscriptions = [subscription_id] if subscription_id else None
-    if not azure_resource_permissions:
+    if azure_resource_permissions is None:
         azure_resource_permissions = AzureResourcePermissions.for_cli(w, include_subscriptions=include_subscriptions)
     logger.info("Generating azure storage accounts and service principal permission info")
     path = azure_resource_permissions.save_spn_permissions()
@@ -355,8 +374,9 @@ def _azure_principal_prefix_access(w: WorkspaceClient, subscription_id: str,
     return
 
 
-def _aws_principal_prefix_access(w: WorkspaceClient, aws_profile: str,
-                                 aws_resource_permissions: AWSResourcePermissions = None):
+def _aws_principal_prefix_access(
+    w: WorkspaceClient, aws_profile: str, aws_resource_permissions: AWSResourcePermissions | None = None
+):
     if not shutil.which("aws"):
         logger.error("Couldn't find AWS CLI in path. Please install the CLI from https://aws.amazon.com/cli/")
         return
@@ -365,9 +385,10 @@ def _aws_principal_prefix_access(w: WorkspaceClient, aws_profile: str,
     config = installation.load(WorkspaceConfig)
     sql_backend = StatementExecutionBackend(w, config.warehouse_id)
     aws = AWSResources(aws_profile)
-    if not aws_resource_permissions:
-        aws_resource_permissions = AWSResourcePermissions.for_cli(w, installation, sql_backend, aws,
-                                                                  config.inventory_database)
+    if aws_resource_permissions is None:
+        aws_resource_permissions = AWSResourcePermissions.for_cli(
+            w, installation, sql_backend, aws, config.inventory_database
+        )
     instance_role_path = aws_resource_permissions.save_instance_profile_permissions()
     logger.info(f"Instance profile and bucket info saved {instance_role_path}")
     logger.info("Generating UC roles and bucket permission info")
@@ -376,8 +397,7 @@ def _aws_principal_prefix_access(w: WorkspaceClient, aws_profile: str,
 
 
 @ucx.command
-def migrate_credentials(w: WorkspaceClient, aws_profile: str | None = None,
-                        aws_resources: AWSResources | None = None):
+def migrate_credentials(w: WorkspaceClient, aws_profile: str | None = None, aws_resources: AWSResources | None = None):
     """For Azure, this command migrates Azure Service Principals, which have Storage Blob Data Contributor,
     Storage Blob Data Reader, Storage Blob Data Owner roles on ADLS Gen2 locations that are being used in
     Databricks, to UC storage credentials.
diff --git a/tests/unit/test_cli.py b/tests/unit/test_cli.py
@@ -345,7 +345,7 @@ def test_migrate_credentials_aws(ws, mocker):
     ws.config.is_aws = True
     ws.config.is_gcp = False
     aws_resources = create_autospec(AWSResources)
-    aws_resources.validate_connection.return_value={"Account": "123456789012"}
+    aws_resources.validate_connection.return_value = {"Account": "123456789012"}
     with patch("databricks.labs.blueprint.tui.Prompts.confirm", return_value=True):
         migrate_credentials(ws, aws_profile="profile", aws_resources=aws_resources)
         ws.storage_credentials.list.assert_called()
