[PLAT-10247] Display Azure KeyVault URL for AKV-backed secret scope (#265)

* secrets akv

* style

Author: nkangdatabricks

databricks_cli/secrets/cli.py

@@ -34,7 +34,7 @@
 from databricks_cli.version import print_version_callback, version
 
 
-SCOPE_HEADER = ('Scope', 'Backend')
+SCOPE_HEADER = ('Scope', 'Backend', 'KeyVault URL')
 SECRET_HEADER = ('Key name', 'Last updated')
 ACL_HEADER = ('Principal', 'Permission')
 DASH_MARKER = '# ' + '-' * 70 + '\n'
@@ -64,7 +64,11 @@ def create_scope(api_client, scope, initial_manage_principal):
 def _scopes_to_table(scopes_json):
     ret = []
     for s in scopes_json.get('scopes', []):
-        ret.append((truncate_string(s['name']), s['backend_type']))
+        if "keyvault_metadata" in s:
+            url = s["keyvault_metadata"]["dns_name"]
+            ret.append((truncate_string(s['name']), s['backend_type'], url))
+        else:
+            ret.append((truncate_string(s['name']), s['backend_type'], "N/A"))
     return ret
 
 

tests/secrets/test_cli.py

@@ -62,7 +62,14 @@ def test_delete_scope(secrets_api_mock):
 LIST_SCOPES_RETURN = {
     "scopes": [{
         "name": "my-scope",
-        "backend_type": "databricks"
+        "backend_type": "DATABRICKS"
+    }, {
+        "name": "akv-scope",
+        "backend_type": "AZURE_KEYVAULT",
+        "keyvault_metadata": {
+            "resource_id": "/subscriptions/.../resource_id",
+            "dns_name": "https://akvscope.vault.azure.net/"
+        }
     }]
 }
 
@@ -74,7 +81,10 @@ def test_list_scope(secrets_api_mock):
         runner = CliRunner()
         runner.invoke(cli.list_scopes)
         assert echo_mock.call_args[0][0] == \
-            tabulate([('my-scope', 'databricks')], headers=SCOPE_HEADER)
+            tabulate([
+                ('my-scope', 'DATABRICKS', 'N/A'),
+                ('akv-scope', 'AZURE_KEYVAULT', 'https://akvscope.vault.azure.net/')],
+                headers=SCOPE_HEADER)
 
 
 KEY = 'test_key'