What would you like to be improved?
The current location of TestAwsGlueSchema.java and TestAwsGlueTable.java causes them to run during standard unit test builds if a developer has ambient AWS credentials configured locally.
Because the files reside in catalogs/catalog-glue/src/test/java/..., they bypass the Gradle exclude("**/integration/test/**") rule tied to the skipITs flag. If a contributor runs a standard ./gradlew catalogs:catalot-glue:test -PskipITs while having AWS_ACCESS_KEY_ID set in their terminal profile, JUnit will automatically execute these live cloud integration tests.
This can lead to unintended resource creation in personal or organizational AWS accounts, trigger security alerts, or cause accidental API costs for local developers.
How should we improve?
To improve the local developer experience and ensure live AWS tests are only run when explicitly intended, we should resolve the boundary between the unit and integration tests. I propose two potential paths:
-
Move TestAwsGlueSchema.java and TestAwsGlueTable.java into a integration/test/... directory. This properly classifies them as integration tests and perfectly aligns with the existing skipITs Gradle logic, ensuring the test is safely skipped by default for local builds.
-
Keep the test in the unit test directory, but decouple it from the real AWS network endpoint. We can refactor the test to use Mockito to mock the GlueClient.
What would you like to be improved?
The current location of
TestAwsGlueSchema.javaandTestAwsGlueTable.javacauses them to run during standard unit test builds if a developer has ambient AWS credentials configured locally.Because the files reside in
catalogs/catalog-glue/src/test/java/..., they bypass the Gradleexclude("**/integration/test/**")rule tied to theskipITsflag. If a contributor runs a standard./gradlew catalogs:catalot-glue:test -PskipITswhile havingAWS_ACCESS_KEY_IDset in their terminal profile, JUnit will automatically execute these live cloud integration tests.This can lead to unintended resource creation in personal or organizational AWS accounts, trigger security alerts, or cause accidental API costs for local developers.
How should we improve?
To improve the local developer experience and ensure live AWS tests are only run when explicitly intended, we should resolve the boundary between the unit and integration tests. I propose two potential paths:
Move
TestAwsGlueSchema.javaandTestAwsGlueTable.javainto aintegration/test/...directory. This properly classifies them as integration tests and perfectly aligns with the existingskipITsGradle logic, ensuring the test is safely skipped by default for local builds.Keep the test in the unit test directory, but decouple it from the real AWS network endpoint. We can refactor the test to use Mockito to mock the
GlueClient.