Set up type hinting: add fixes in schema-registry module (mostly already typed)

[fangnx]

What

Follow-up PR after #2041: adding missing types + correcting existing types, according to mypy static checker, in schema-registry module

What's left are functions that might require refactoring and more thorough investigation to get the types right:

• common/avro.py, json_schema.py, protobuf.py: schemas are defined as unions, and we need to add guards to verify types accordingly during transformations
• schema_registry_client: handling None return types for several functions
• rules/cel: adding types for CEL operations
• rules/encryption: handling None values propagated through functions. Need to understand the logic better

Checklist

• Contains customer facing changes? Including API/behavior changes
• Did you add sufficient unit test and/or integration test coverage for this PR?
  • If not, please explain why it is not required

References

JIRA: https://confluentinc.atlassian.net/browse/DGS-22076

Test & Review

Open questions / Follow-ups

[confluent-cla-assistant]

🎉 All Contributor License Agreements have been signed. Ready to merge.
_{Please push an empty commit if you would like to re-run the checks to verify CLA status for all contributors.}

[fangnx]

I removed the optional part as we are already checking emptiness for key_url in https://github.com/confluentinc/confluent-kafka-python/blob/master/src/confluent_kafka/schema_registry/rules/encryption/hcvault/hcvault_driver.py#L53, and I think HcVaultKmsClient is supposed to be only created with a specified key_uri, according to the function doc

Not sure if this is considered a breaking change (if customers initializes HcVaultKmsClient directly in their code). @rayokota would love to hear your thoughts on this

[fangnx]

Similar change as the one in hcvault_client.py

[fangnx]

In practice the schema_str field should never be empty, and even it is I think it makes sense to raise the error to fail early here

[MSeal]

A couple questions on the PR. We are introducing a lot of ignore comments in places like avro that feel off but maybe not worth tackling in this pass anyway.

[MSeal]

Why is there a need for type ignoring here? Can we set the ref/referenced_schema type to avoid this?

[fangnx]

In practice, subject and version of SchemaReference never be None, but probably for historical reason (or tech debt) they have been typed as optional. I think updating the types will be a breaking change

Here, get_version() requires non-empty subject and version, so that's why I added the type ignore there. Alternatively we can do:

            if ref.subject is None or ref.version is None:
               # maybe log something
                continue
            referenced_schema = await schema_registry_client.get_version(ref.subject, ref.version, True)

[MSeal]

Maybe add a comment that 'type' in the dict is for the schema type and not any language type hinting? Seeing it might be confusing without context right next to a type ignore call.

[MSeal]

I think we should spread this function args out per line if we're type commenting one. It read weird like this and I think is error prone to refactor bugs

[MSeal]

This changed the logic here. Are we certain it's a correct / tested change?

[fangnx]

_execute_rules_with_phase() already requires SerializationContext and subject to build RuleContext (

confluent-kafka-python/src/confluent_kafka/schema_registry/_async/serde.py

Line 70 in f026e72

def _execute_rules_with_phase(

)

[Copilot]

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

[sonarqube-confluent]

• 75.50% Coverage on New Code (is less than 80.00%)

Analysis Details

42 Issues

• 0 Bugs
• 0 Vulnerabilities
• 42 Code Smells

Coverage and Duplications

• 75.50% Coverage (67.00% Estimated after merge)
• No duplication information (5.00% Estimated after merge)

Project ID: confluent-kafka-python

View in SonarQube

[fangnx]

I refactored the name_strategy functions a bit: they have to follow the same function signature but SerializationContext is only required for some

[fangnx]

Moving the indentation is intended to address the type issue of logical_cluster and identity_pool for building _AsyncOAuthClient: they must be non-empty, which we already check in line 280 and 284

This doesn't affect code logic: we check self.bearer_auth_credentials_source in {'OAUTHBEARER', 'STATIC_TOKEN'} for the outer block, and those if-else branches are for OAUTHBEARER and STATIC_TOKEN respectively

[fangnx]

JsonSchema union type is either bool or dict. This was likely coped from avro.py

[Copilot]

Pull Request Overview

Copilot reviewed 42 out of 42 changed files in this pull request and generated 7 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Corrected incomplete error message from 'after the at' to 'after the attempt to generate it'.

Suggested change

	raise ValueError("Token is not set after the at")
	raise ValueError("Token is not set after the attempt to generate it")

[Copilot]

The elif condition check has been replaced with else without verifying all possible values. This assumes only 'OAUTHBEARER' and 'STATIC_TOKEN' are valid values for bearer_auth_credentials_source. Consider adding an explicit elif condition for 'STATIC_TOKEN' to make the code more maintainable and guard against unexpected values.

[fangnx]

It's already the outer block if self.bearer_auth_credentials_source in {'OAUTHBEARER', 'STATIC_TOKEN'}:

[Copilot]

The elif condition check has been replaced with else without verifying all possible values. This assumes only 'OAUTHBEARER' and 'STATIC_TOKEN' are valid values for bearer_auth_credentials_source. Consider adding an explicit elif condition for 'STATIC_TOKEN' to make the code more maintainable and guard against unexpected values.

[fangnx]

It's already the outer block if self.bearer_auth_credentials_source in {'OAUTHBEARER', 'STATIC_TOKEN'}: (line 273)

[Copilot]

The indentation is incorrect on line 867. The 'query['subject'] = subject_name' statement should be on its own line with proper indentation.

Suggested change

	if subject_name is not None: query['subject'] = subject_name
	if subject_name is not None:
	query['subject'] = subject_name

[Copilot]

The indentation is incorrect on line 868. The 'query['subject'] = subject_name' statement should be on its own line with proper indentation.

Suggested change

	if subject_name is not None: query['subject'] = subject_name
	if subject_name is not None:
	query['subject'] = subject_name

[Copilot]

Using a mutable default argument (empty list) is dangerous as it will be shared across all instances. Use None as default and initialize inside the function instead.

Suggested change

	def __init__(self, topic_partitions: List[TopicPartition] = []) -> None:
	self.topic_partitions = topic_partitions or []
	def __init__(self, topic_partitions: Optional[List[TopicPartition]] = None) -> None:
	self.topic_partitions = topic_partitions if topic_partitions is not None else []

[Copilot]

Missing space after comma between 'inline_tags' and 'field_transformer' arguments.

Suggested change

	inline_tags,field_transformer)
	inline_tags, field_transformer)