Skip to content

Add interactive profile picker to auth logout#4616

Open
mihaimitrea-db wants to merge 10 commits intomainfrom
mihaimitrea-db/stack/auth_logout_profile_picker
Open

Add interactive profile picker to auth logout#4616
mihaimitrea-db wants to merge 10 commits intomainfrom
mihaimitrea-db/stack/auth_logout_profile_picker

Conversation

@mihaimitrea-db
Copy link
Collaborator

@mihaimitrea-db mihaimitrea-db commented Feb 27, 2026
edited
Loading

🥞 Stacked PR

Use this link to review incremental changes.

When --profile is not specified in an interactive terminal, show a searchable prompt listing all configured profiles. Profiles are sorted alphabetically and displayed with their host or account ID. The picker supports fuzzy search by name, host, or account ID.

Changes

  • When --profile is omitted in an interactive terminal, show a searchable prompt listing all configured profiles sorted alphabetically. Profiles display their host or account ID, and support fuzzy search by name, host, or account ID.
  • Expand the command's long help text to document all four interaction modes (explicit --profile, interactive picker, non-interactive error, --force).

Tests

  • Existing unit tests from #4613 continue to pass (profile picker is only triggered in interactive mode, which tests mock as non-interactive).
  • Manual testing with multiple profiles to verify picker display, search, and selection.

@mihaimitrea-db mihaimitrea-db mentioned this pull request Feb 27, 2026
Open
@eng-dev-ecosystem-bot
Copy link
Collaborator

eng-dev-ecosystem-bot commented Feb 27, 2026
edited
Loading

Commit: a87d5a2

Run: 22579605530

Env 🟨​KNOWN 🔄​flaky 💚​RECOVERED 🙈​SKIP ✅​pass 🙈​skip Time
🟨​ aws linux 7 1 7 268 775 7:12
🟨​ aws windows 7 1 7 270 773 6:52
💚​ aws-ucws linux 8 7 364 691 7:40
💚​ aws-ucws windows 8 7 366 689 6:29
🔄​ azure linux 3 1 9 269 773 7:19
💚​ azure windows 2 9 273 771 6:31
💚​ azure-ucws linux 2 9 369 687 7:29
💚​ azure-ucws windows 2 9 371 685 5:36
💚​ gcp linux 2 9 267 776 7:26
💚​ gcp windows 2 9 269 774 5:52
17 interesting tests: 7 KNOWN, 7 SKIP, 2 flaky, 1 RECOVERED
Test Name aws linux aws windows aws-ucws linux aws-ucws windows azure linux azure windows azure-ucws linux azure-ucws windows gcp linux gcp windows
🟨​ TestAccept 🟨​K 🟨​K 💚​R 💚​R 🔄​f 💚​R 💚​R 💚​R 💚​R 💚​R
🔄​ TestAccept/bundle/destroy/jobs-and-pipeline ✅​p ✅​p ✅​p ✅​p 🔄​f ✅​p ✅​p ✅​p ✅​p ✅​p
🔄​ TestAccept/bundle/destroy/jobs-and-pipeline/DATABRICKS_BUNDLE_ENGINE=direct ✅​p ✅​p ✅​p ✅​p 🔄​f ✅​p ✅​p ✅​p ✅​p ✅​p
🙈​ TestAccept/bundle/resources/permissions 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🟨​ TestAccept/bundle/resources/permissions/jobs/destroy_without_mgmtperms/with_permissions 🟨​K 🟨​K 💚​R 💚​R 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🟨​ TestAccept/bundle/resources/permissions/jobs/destroy_without_mgmtperms/with_permissions/DATABRICKS_BUNDLE_ENGINE=direct 🟨​K 🟨​K 💚​R 💚​R
🟨​ TestAccept/bundle/resources/permissions/jobs/destroy_without_mgmtperms/with_permissions/DATABRICKS_BUNDLE_ENGINE=terraform 🟨​K 🟨​K 💚​R 💚​R
🟨​ TestAccept/bundle/resources/permissions/jobs/destroy_without_mgmtperms/without_permissions 🟨​K 🟨​K 💚​R 💚​R 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🟨​ TestAccept/bundle/resources/permissions/jobs/destroy_without_mgmtperms/without_permissions/DATABRICKS_BUNDLE_ENGINE=direct 🟨​K 🟨​K 💚​R 💚​R
🟨​ TestAccept/bundle/resources/permissions/jobs/destroy_without_mgmtperms/without_permissions/DATABRICKS_BUNDLE_ENGINE=terraform 🟨​K 🟨​K 💚​R 💚​R
🙈​ TestAccept/bundle/resources/postgres_branches/basic 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🙈​ TestAccept/bundle/resources/postgres_branches/recreate 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🙈​ TestAccept/bundle/resources/postgres_branches/update_protected 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🙈​ TestAccept/bundle/resources/postgres_branches/without_branch_id 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🙈​ TestAccept/bundle/resources/postgres_endpoints/recreate 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
🙈​ TestAccept/bundle/resources/synced_database_tables/basic 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S 🙈​S
💚​ TestAccept/ssh/connection 💚​R 💚​R 💚​R 💚​R 💚​R 💚​R 💚​R 💚​R 💚​R 💚​R
Top 23 slowest tests (at least 2 minutes):
duration env testname
3:46 azure windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
3:40 gcp linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
3:29 gcp windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
3:21 aws-ucws linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
3:20 gcp windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
3:20 azure windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
3:13 gcp linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
2:51 aws linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
2:49 aws-ucws linux TestAccept
2:44 aws windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
2:41 aws windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
2:40 aws linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
2:40 aws-ucws windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
2:39 aws-ucws windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
2:39 azure-ucws linux TestAccept
2:33 aws-ucws linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
2:31 gcp linux TestAccept
2:17 azure-ucws linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
2:15 azure linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
2:13 azure-ucws windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=terraform
2:08 azure-ucws windows TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
2:08 azure-ucws linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct
2:07 azure linux TestAccept/bundle/resources/apps/inline_config/DATABRICKS_BUNDLE_ENGINE=direct

simonfaltum
simonfaltum reviewed Feb 27, 2026
View reviewed changes
Copy link
Member

@simonfaltum simonfaltum left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! I left some comments

cmd/auth/logout.go Outdated
Comment on lines +129 to +135
configPath := args.configFilePath
if configPath == "" {
configPath = "~/.databrickscfg"
}
err := cmdio.RenderWithTemplate(ctx, map[string]string{
"ProfileName": args.profileName,
"ConfigPath": configPath,
Copy link
Member

@simonfaltum simonfaltum Feb 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"~/.databrickscfg" appears as a fallback here and also as defaultConfigPath at line 31. Consider reusing the constant (or better, resolving the actual path from the profiler/config).

@mihaimitrea-db mihaimitrea-db self-assigned this Mar 2, 2026
@mihaimitrea-db mihaimitrea-db force-pushed the mihaimitrea-db/stack/auth_logout_profile_picker branch from bf46cfd to f374e5a Compare March 2, 2026 10:33
@mihaimitrea-db
Add auth logout command with --profile and --force flags
2a17d15 
Implement the initial version of databricks auth logout which removes a profile from ~/.databrickscfg and clears associated OAuth tokens from the token cache.

This iteration supports explicit profile selection via --profile and a --force flag to skip the confirmation prompt. Interactive profile selection will be added in a follow-up.

Token cache cleanup is best-effort: the profile-keyed token is always removed, and the host-keyed token is removed only when no other profile references the same host.
@mihaimitrea-db
Improve auth logout confirmation with styled warning template
a9dcdbc 
Replace plain fmt.Sprintf confirmation prompt with a structured template using cmdio.RenderWithTemplate. The warning now uses color and bold formatting to clearly highlight the profile name, config path, and consequences before prompting for confirmation.
@mihaimitrea-db
Address auth logout review feedback
20422b8 
Resolve config path from the profiler instead of hardcoding fallbacks. Delete the profile before clearing the token cache so a config write failure does not leave tokens removed. Fix token cleanup for account and unified profiles by computing the correct OIDC cache key (host/oidc/accounts/<account_id>). Drop the nil profiler guard, add a success message on logout, and extract backupConfigFile in ops.go to remove duplication. Consolidate token cleanup tests into a table-driven test covering shared hosts, unique hosts, account, and unified profiles.
@mihaimitrea-db
Consolidate logout tests
5f039b9 
Merge shared-host token deletion verification into one main parametrized test by addding the hostBasedKey and isSharedKey parameters to each case. This replaces the TestLogoutTokenCacheCleanup test with an assertion: host-based keys are preserved when another profile shares the same host, and deleted otherwise.
@mihaimitrea-db mihaimitrea-db force-pushed the mihaimitrea-db/stack/auth_logout_profile_picker branch from f374e5a to c903ed8 Compare March 2, 2026 11:42
@mihaimitrea-db
Fix and improve failing DeleteProfile tests
fdfe720 
Rewrite the test to use inline config seeds and explicit expected state. Add cases for deleting the last non-default profile, deleting a unified host profile with multiple keys, and deleting the DEFAULT section.
@mihaimitrea-db mihaimitrea-db force-pushed the mihaimitrea-db/stack/auth_logout_profile_picker branch from c903ed8 to 889b7ca Compare March 2, 2026 12:11
@mihaimitrea-db mihaimitrea-db force-pushed the mihaimitrea-db/stack/auth_logout_profile_picker branch from 889b7ca to 7a39778 Compare March 2, 2026 12:45
@mihaimitrea-db
Removed redundant test case from logout
0ca6e59
@mihaimitrea-db
Add interactive profile picker to auth logout
e1a652d 
When --profile is not specified in an interactive terminal, show a
searchable prompt listing all configured profiles. Profiles are sorted
alphabetically and displayed with their host or account ID. The picker
supports fuzzy search by name, host, or account ID.
@mihaimitrea-db
Expand auth logout long description with usage details
67eff3f 
Document the four interaction modes (explicit profile, interactive
picker, non-interactive error, and --force) in the command's long
help text.
@mihaimitrea-db mihaimitrea-db force-pushed the mihaimitrea-db/stack/auth_logout_profile_picker branch from 7a39778 to 67eff3f Compare March 2, 2026 13:27
@mihaimitrea-db mihaimitrea-db linked an issue Mar 2, 2026 that may be closed by this pull request
[Feature] Add logout command #1639
Open
@mihaimitrea-db mihaimitrea-db marked this pull request as ready for review March 2, 2026 14:07
simonfaltum
simonfaltum reviewed Mar 2, 2026
View reviewed changes
cmd/auth/logout.go
Comment on lines +201 to +203
slices.SortFunc(allProfiles, func(a, b profile.Profile) int {
return strings.Compare(strings.ToLower(a.Name), strings.ToLower(b.Name))
})
Copy link
Member

@simonfaltum simonfaltum Mar 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we always sort profiles alphabetically? I'd think we just want to show them in the order they were added (or alternatively last used or most used but we don't log that anywhere..)

simonfaltum
simonfaltum reviewed Mar 2, 2026
View reviewed changes
cmd/auth/logout.go
// promptForLogoutProfile shows an interactive profile picker for logout.
// Account profiles are displayed as "name (account: id)", workspace profiles
// as "name (host)".
func promptForLogoutProfile(ctx context.Context, profiler profile.Profiler) (string, error) {
Copy link
Member

@simonfaltum simonfaltum Mar 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is good work but did you look through the codebase for similar patterns?
I think the closest existing pattern is promptForProfileSelection in cmd/auth/token.go (line ~368), which already handles an "all profiles" picker with search by name/host and the StartInSearchMode: len(profiles) > 5 pattern.
I think we are re-implementing much of this logic, which maybe is justified but it might be worth it to make a component we could re-use broadly as selecting profile interactively is something we will have to do multiple times. I think in auth token it lets you create a new profile also, which is probably not something we want to do in logout 😃

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@simonfaltum simonfaltum simonfaltum left review comments

@andrewnester andrewnester Awaiting requested review from andrewnester andrewnester is a code owner

@anton-107 anton-107 Awaiting requested review from anton-107 anton-107 is a code owner

@denik denik Awaiting requested review from denik denik is a code owner

@pietern pietern Awaiting requested review from pietern pietern is a code owner

@shreyas-goenka shreyas-goenka Awaiting requested review from shreyas-goenka shreyas-goenka is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@mihaimitrea-db mihaimitrea-db

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Feature] Add logout command

3 participants

@mihaimitrea-db @eng-dev-ecosystem-bot @simonfaltum