feat: Add Databricks power#129
Open
antonyprasad-db wants to merge 9 commits into
Open
Conversation
Adds the Databricks AI Dev Kit as a Kiro Power. Provides 44 MCP tools (180+ operations) and 34+ expert skills for building data pipelines, ML workflows, dashboards, jobs, and AI/agentic applications on the Databricks Data Intelligence Platform across AWS, Azure, and GCP. Built off the wrapper Power that @venkatavaradhanv (AWS) prototyped at venkatavaradhanv/databricks. This v2, prepared by @antonyprasad-db (Databricks), reframes authorship for catalog publication, adds an explicit Trademarks subsection (same pattern as datadog / neon / postman entries — third-party product names used descriptively only), and adds a Contributors subsection making the ai-dev-kit -> wrapper -> v2 lineage visible in the manifest. Structure matches the existing aws-agentcore power: - databricks/POWER.md (manifest, four-option auth, complete onboarding) - databricks/mcp.json (parametrized DATABRICKS_CONFIG_PROFILE) - databricks/steering/ (skill index; installer populates from databricks-solutions/ai-dev-kit on activation) Upstream MCP server and skills are sourced from databricks-solutions/ai-dev-kit (Databricks License) — the Power calls the public installer, so users accept the upstream license at runtime. Author attribution belongs to the Power packagers, not to Databricks Inc. Co-authored-by: Isaac
|
Hi @antonyprasad-db, thank you for your contribution! Please note that if you haven't already, you would also need to submit your power officially at kiro.dev/powers/submit so it can be reviewed for listing in the Kiro powers registry. |
antonyprasad-db
changed the title
Pull in the 2026-05-19 update to POWER.md (989 -> 1060 lines) that adds a security-conscious credential-detection block during Step 3 (Configure Authentication): - 8 use-cases = 4 auth options x 2 states (credential exists / not) - Mandates checking ~/.kiro/settings/mcp.json + ~/.databrickscfg before modifying any credentials - Safe fingerprinting rules: secrets shown as first 4 + *** + last 4; full dapi prefix preserved on PATs; client_id full (it's public); OAuth U2M cache tokens never displayed - Explicit 3-way confirmation (reuse / configure new / skip) - Prohibits silent credential reuse between configurations All three v2 changes retained on top: - author: "AWS" (catalog publication reframe) - ### Trademarks (descriptive use of Databricks product names) - ### Contributors (Antony + Venkat, role detail) Smoke tests passed against the merged content: - mcp.json valid JSON - POWER.md frontmatter complete (5/5 required fields) - All required sections present - 7/7 detection-block security guardrails present - No proprietary leaks - Installer URL HTTP 200, valid bash syntax Co-authored-by: Isaac
Three small additions to the credential-detection UX, based on real end-to-end smoke-test feedback in Kiro IDE: 1. New "Agent First-Action Protocol" section at the top: requires the agent to run credential detection BEFORE any MCP tool call, and defines an in-session 401/expired-token recovery loop back into detection (rather than retrying the failed tool or guessing). 2. Rule 3 of the existing detection block now points to Option A (OAuth U2M) as the default recommendation when the user chooses "configure a different option" or when no credentials are detected at all on first run. 3. New rule 5 in the detection block: on auth failure during a session, pause tool execution and re-enter detection. No silent token refresh, no retry-and-hope. Rationale: in smoke testing, the v3 detection block did not fire on the "Try power" entry path — the agent went straight to tool enumeration, hit a 401 on a stale PAT, and did not loop back to detection. These additions make detection a mandatory pre-flight gate (addressing the entry-path gap) and add explicit recovery semantics for in-session auth failures. Co-authored-by: Isaac
Author
|
Pushed a small amendment based on end-to-end smoke-test feedback from running the Power in Kiro IDE. The credential-detection block existed in the previous commit but did not fire on the "Try power" entry path — the agent went straight to tool enumeration, hit a 401 on a stale PAT, and didn't loop back to detection. This commit makes detection a mandatory pre-flight gate and adds explicit recovery semantics. Three changes in
Net diff: +18 / -1. No changes to the existing Venkat-authored detection block content (use-cases, fingerprint rules, examples) — just the activation gate around it and an explicit recovery rule. |
- Fix typo: databricks-app-python → databricks-apps-python (upstream ai-dev-kit/databricks-skills/ uses plural "apps"; current entry would send Kiro users to a nonexistent skill directory) - Add databricks-execution-compute to the catalog and steering index (present in upstream but missing from the Power's skill list) - Bump skill-catalog header count from 33+ → 34+ to match the additions Co-authored-by: Isaac
- Model Serving: surface Foundation Model APIs (FMAPI) and AI Gateway (guardrails / fallbacks / rate limiting). Backed by the existing databricks-model-serving skill, which already documents both. - Unity Catalog: add External Iceberg Reads (cross-engine interop via UC IRC). Backed by the existing databricks-iceberg skill in the catalog. Both bullets stay within the Power's existing skill coverage — no new skills introduced. Co-authored-by: Isaac
…dating, Uninstalling) Replace the glob-based install/cleanup with a manifest-driven flow ported from venkatavaradhanv/databricks. The installer pulls skills from four upstream sources today; a glob like `databricks-*` is fragile when new source repos add prefixes that overlap with skills another tool installed. - Step 1: snapshot ~/.kiro/skills before installing so we know exactly which directories the installer adds - Step 2: diff the post-install state against the snapshot, persist as .skill-manifest.txt under the Power's installed directory, and copy only manifest-listed entries into the steering directory - Updating Skills: re-run the snapshot/installer/diff cycle to refresh - Uninstalling Skills: new section — replay the manifest to remove only Power-owned skills, never anything another tool installed Source: venkatavaradhanv/databricks personal repo, Step 1/2/Updating/ Uninstalling sections. Co-authored-by: Isaac
…ixes
Three real install-blocking bugs that surface on every fresh Kiro install
of this Power. Each section comes with an idempotent jq-based fix so
agents (and humans) can apply it deterministically.
- Step 2.5: Kiro's user-level mcp.json schema requires a top-level
mcpServers key. Fresh installs hit "Invalid mcp.json format" because
the Power only writes the powers.* block. Adds {} when missing,
preserves anything that's already there.
- Step 2.6: ai-dev-kit's installer writes a top-level mcpServers.databricks
entry (designed for users running ai-dev-kit standalone). Leaving it
alongside the Power's entry means Kiro launches two MCP server copies,
which confuses tool routing. Removes it idempotently.
- Step 2.7: Bundled mcp.json uses ~/.ai-dev-kit/... paths, but Node's
child_process.spawn() doesn't expand ~ — server fails with ENOENT.
Rewrites command + args to absolute paths under $HOME.
Source: venkatavaradhanv/databricks personal repo.
Co-authored-by: Isaac
…rning entry Two additions ported from venkatavaradhanv/databricks: 1. Multi-environment ~/.databrickscfg setup section before the auth option list. Establishes a naming convention (<auth>-<env>) so users running against more than one workspace can switch with a single env-var change instead of editing mcp.json each time. Reference template covers u2m, m2m, and pat profile blocks for dev/qa/prod. 2. Troubleshooting entry for the cosmetic "SKILL.md not for skill" warning that Kiro logs for databricks-app-apx — upstream databricks-solutions/apx ships a frontmatter name field that doesn't match the installed directory name. No user action needed; documenting it so users don't try to "fix" it locally (gets overwritten on next update) and instead points to the upstream issue path. Co-authored-by: Isaac
Two small but high-leverage adds: - jq listed as a Prerequisite. Steps 2.5/2.6/2.7 lean on jq for idempotent mcp.json edits; each step has a non-jq fallback, but surfacing jq in Prerequisites means users install it before they hit the first step that needs it instead of mid-flow. - "Install at a glance" table summarizing all 7 steps (1, 2, 2.5, 2.6, 2.7, 3, 4) with one-line purpose + reason. The three install- bug workarounds (2.5/2.6/2.7) look optional but every fresh Kiro install of this Power hits at least one of them today — putting them in the same checklist as 1/2/3/4 makes that clear before users start skimming. Co-authored-by: Isaac
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds the Databricks AI Dev Kit as a Kiro Power. Currently no Databricks power exists in this catalog — this fills that gap.
The Power provides:
get_current_userMCP call) to verify the full chain — auth, env-var resolution, server enablementContributors
Co-authored by @antonyprasad-db (Databricks — author of the underlying ai-dev-kit and its Kiro IDE installer support in PR #511 that this Power depends on) and @venkatavaradhanv (AWS — Power packaging, parametrized
mcp.json, four-option auth documentation).Full attribution in
POWER.md→### Contributors.What's included
Structure matches the existing
aws-agentcorepower exactly.How the Power works
On first activation, the agent runs the official Databricks AI Dev Kit installer in non-interactive Kiro mode:
bash <(curl -sL https://raw.githubusercontent.com/databricks-solutions/ai-dev-kit/main/install.sh) --tools kiro --global --silentThe installer downloads the MCP server, creates a uv venv, and pulls 34+ skills into
~/.kiro/skills/. The Power's onboarding flow then copies skills into its ownsteering/directory so they're scoped to Power activation. This keeps the Power lean — skills are always fetched from the latest upstream rather than bundled and going stale.License and Trademarks
The Power's manifest is published by community contributors. Upstream MCP server and skills are sourced from
databricks-solutions/ai-dev-kitand governed by the Databricks License — users accept those terms when they run the installer.Databricks product names referenced in
POWER.md(Databricks, Databricks AI Dev Kit, Unity Catalog, Delta Lake, Mosaic AI, Agent Bricks, Genie, Lakebase) are trademarks of Databricks, Inc. used descriptively to identify the upstream product this Power integrates with — same pattern as thedatadog,neon,postmanentries already in this catalog. The Power is community-published and not authored, endorsed, or maintained by Databricks, Inc.Checklist
disabled: trueuntil user configures credentials); all${VAR}references resolve from shell environment, no hardcoded secrets