SNOW-2268606-regression-3.17.0-unexplained-errors-in-connecting-to-IMDS-from-3.17.0-leads-to-connection-failures-and-excessive-logging-works-with-3.16.0 (#2489)

(cherry picked from commit 631eec6)

Author: sfc-gh-fpawlowski

src/snowflake/connector/auth/_auth.py

@@ -138,7 +138,7 @@ def base_auth_data(
                     "SOCKET_TIMEOUT": socket_timeout,
                     "PLATFORM": detect_platforms(
                         platform_detection_timeout_seconds=platform_detection_timeout_seconds,
-                        session_manager=session_manager,
+                        session_manager=session_manager.clone(max_retries=0),
                     ),
                 },
             },

src/snowflake/connector/platform_detection.py

@@ -405,7 +405,7 @@ def detect_platforms(
             logger.debug(
                 "No session manager provided. HTTP settings may not be preserved. Using default."
             )
-            session_manager = SessionManager(use_pooling=False)
+            session_manager = SessionManager(use_pooling=False, max_retries=0)
 
         # Run environment-only checks synchronously (no network calls, no threading overhead)
         platforms = {

src/snowflake/connector/session_manager.py

@@ -16,7 +16,7 @@
 from .vendored.requests.adapters import BaseAdapter, HTTPAdapter
 from .vendored.requests.exceptions import InvalidProxyURL
 from .vendored.requests.utils import prepend_scheme_if_needed, select_proxy
-from .vendored.urllib3 import PoolManager
+from .vendored.urllib3 import PoolManager, Retry
 from .vendored.urllib3.poolmanager import ProxyManager
 from .vendored.urllib3.util.url import parse_url
 
@@ -119,7 +119,7 @@ class BaseHttpConfig:
     """Immutable HTTP configuration shared by SessionManager instances."""
 
     use_pooling: bool = True
-    max_retries: int | None = REQUESTS_RETRY
+    max_retries: int | Retry | None = REQUESTS_RETRY
     proxy_host: str | None = None
     proxy_port: str | None = None
     proxy_user: str | None = None
@@ -217,6 +217,40 @@ def close(self) -> None:
         self._idle_sessions.clear()
 
 
+class _ConfigDirectAccessMixin(abc.ABC):
+    @property
+    @abc.abstractmethod
+    def config(self) -> HttpConfig: ...
+
+    @config.setter
+    @abc.abstractmethod
+    def config(self, value) -> HttpConfig: ...
+
+    @property
+    def use_pooling(self) -> bool:
+        return self.config.use_pooling
+
+    @use_pooling.setter
+    def use_pooling(self, value: bool) -> None:
+        self.config = self.config.copy_with(use_pooling=value)
+
+    @property
+    def adapter_factory(self) -> Callable[..., HTTPAdapter]:
+        return self.config.adapter_factory
+
+    @adapter_factory.setter
+    def adapter_factory(self, value: Callable[..., HTTPAdapter]) -> None:
+        self.config = self.config.copy_with(adapter_factory=value)
+
+    @property
+    def max_retries(self) -> Retry | int:
+        return self.config.max_retries
+
+    @max_retries.setter
+    def max_retries(self, value: Retry | int) -> None:
+        self.config = self.config.copy_with(max_retries=value)
+
+
 class _RequestVerbsUsingSessionMixin(abc.ABC):
     """
     Mixin that provides HTTP methods (get, post, put, etc.) mirroring requests.Session, maintaining their default argument behavior (e.g., HEAD uses allow_redirects=False).
@@ -327,7 +361,7 @@ def delete(
             return session.delete(url, headers=headers, timeout=timeout, **kwargs)
 
 
-class SessionManager(_RequestVerbsUsingSessionMixin):
+class SessionManager(_RequestVerbsUsingSessionMixin, _ConfigDirectAccessMixin):
     """
     Central HTTP session manager that handles all external requests from the Snowflake driver.
 
@@ -394,22 +428,6 @@ def proxy_url(self) -> str:
             self._cfg.proxy_password,
         )
 
-    @property
-    def use_pooling(self) -> bool:
-        return self._cfg.use_pooling
-
-    @use_pooling.setter
-    def use_pooling(self, value: bool) -> None:
-        self._cfg = self._cfg.copy_with(use_pooling=value)
-
-    @property
-    def adapter_factory(self) -> Callable[..., HTTPAdapter]:
-        return self._cfg.adapter_factory
-
-    @adapter_factory.setter
-    def adapter_factory(self, value: Callable[..., HTTPAdapter]) -> None:
-        self._cfg = self._cfg.copy_with(adapter_factory=value)
-
     @property
     def sessions_map(self) -> dict[str, SessionPool]:
         return self._sessions_map
@@ -435,9 +453,7 @@ def get_session_pool_manager(session: Session, url: str) -> PoolManager | None:
     def _mount_adapters(self, session: requests.Session) -> None:
         try:
             # Its important that each separate session manager creates its own adapters - because they are storing internally PoolManagers - which shouldn't be reused if not in scope of the same adapter.
-            adapter = self._cfg.adapter_factory(
-                max_retries=self._cfg.max_retries or REQUESTS_RETRY
-            )
+            adapter = self._cfg.get_adapter()
             if adapter is not None:
                 session.mount("http://", adapter)
                 session.mount("https://", adapter)
@@ -505,27 +521,18 @@ def close(self):
 
     def clone(
         self,
-        *,
-        use_pooling: bool | None = None,
-        adapter_factory: AdapterFactory | None = None,
+        **http_config_overrides,
     ) -> SessionManager:
         """Return a new *stateless* SessionManager sharing this instance’s config.
 
-        "Shallow" means the configuration object (HttpConfig) is reused as-is,
+        "Shallow clone" - the configuration object (HttpConfig) is reused as-is,
         while *stateful* aspects such as the per-host SessionPool mapping are
         reset, so the two managers do not share live `requests.Session`
         objects.
-        Optional *use_pooling* / *adapter_factory* overrides create a modified
-        copy of the config before instantiation.
+        Optional kwargs (e.g. *use_pooling* / *adapter_factory* / max_retries etc.) - overrides to create a modified
+        copy of the HttpConfig before instantiation.
         """
-
-        overrides: dict[str, Any] = {}
-        if use_pooling is not None:
-            overrides["use_pooling"] = use_pooling
-        if adapter_factory is not None:
-            overrides["adapter_factory"] = adapter_factory
-
-        return SessionManager.from_config(self._cfg, **overrides)
+        return SessionManager.from_config(self._cfg, **http_config_overrides)
 
     def __getstate__(self):
         state = self.__dict__.copy()

test/integ/test_connection.py

@@ -60,6 +60,8 @@
 except ImportError:
     pass
 
+logger = logging.getLogger(__name__)
+
 
 def test_basic(conn_testaccount):
     """Basic Connection test."""
@@ -1398,6 +1400,176 @@ def test_ocsp_mode_insecure_mode_and_disable_ocsp_checks_mismatch_ocsp_disabled(
             assert "This connection does not perform OCSP checks." in caplog.text
 
 
+def _message_matches_pattern(message, pattern):
+    """Check if a log message matches a pattern (exact match or starts with pattern)."""
+    return message == pattern or message.startswith(pattern)
+
+
+def _find_matching_patterns(messages, patterns):
+    """Find which patterns match the given messages.
+
+    Returns:
+        tuple: (matched_patterns, missing_patterns, unmatched_messages)
+    """
+    matched_patterns = set()
+    unmatched_messages = []
+
+    for message in messages:
+        found_match = False
+        for pattern in patterns:
+            if _message_matches_pattern(message, pattern):
+                matched_patterns.add(pattern)
+                found_match = True
+                break
+        if not found_match:
+            unmatched_messages.append(message)
+
+    missing_patterns = set(patterns) - matched_patterns
+    return matched_patterns, missing_patterns, unmatched_messages
+
+
+def _calculate_log_bytes(messages):
+    """Calculate total byte size of log messages."""
+    return sum(len(message.encode("utf-8")) for message in messages)
+
+
+def _log_pattern_analysis(
+    actual_messages,
+    expected_patterns,
+    matched_patterns,
+    missing_patterns,
+    unmatched_messages,
+    show_all_messages=False,
+):
+    """Log detailed analysis of pattern differences.
+
+    Args:
+        actual_messages: List of actual log messages
+        expected_patterns: List of expected log patterns
+        matched_patterns: Set of patterns that were found
+        missing_patterns: Set of patterns that were not found
+        unmatched_messages: List of messages that didn't match any pattern
+        show_all_messages: If True, log all actual messages for debugging
+    """
+
+    if missing_patterns:
+        logger.warning(f"Missing expected log patterns ({len(missing_patterns)}):")
+        for pattern in sorted(missing_patterns):
+            logger.warning(f"  - MISSING: '{pattern}'")
+
+    if unmatched_messages:
+        logger.warning(f"New/unexpected log messages ({len(unmatched_messages)}):")
+        for message in unmatched_messages:
+            message_bytes = len(message.encode("utf-8"))
+            logger.warning(f"  + NEW: '{message}' ({message_bytes} bytes)")
+
+    # Log summary
+    logger.warning("Log analysis summary:")
+    logger.warning(f"  - Expected patterns: {len(expected_patterns)}")
+    logger.warning(f"  - Matched patterns: {len(matched_patterns)}")
+    logger.warning(f"  - Missing patterns: {len(missing_patterns)}")
+    logger.warning(f"  - Actual messages: {len(actual_messages)}")
+    logger.warning(f"  - Unmatched messages: {len(unmatched_messages)}")
+
+    # Show all messages if requested (useful when patterns match but bytes don't)
+    if show_all_messages:
+        logger.warning("All actual log messages:")
+        for i, message in enumerate(actual_messages):
+            message_bytes = len(message.encode("utf-8"))
+            logger.warning(f"  [{i:2d}] '{message}' ({message_bytes} bytes)")
+
+
+def _assert_log_bytes_within_tolerance(actual_bytes, expected_bytes, tolerance):
+    """Assert that log bytes are within acceptable tolerance."""
+    assert actual_bytes == pytest.approx(expected_bytes, rel=tolerance), (
+        f"Log bytes {actual_bytes} is not approximately equal to expected {expected_bytes} "
+        f"within {tolerance*100}% tolerance. "
+        f"This may indicate unwanted logs being produced or changes in logging behavior."
+    )
+
+
+@pytest.mark.skipolddriver
+def test_logs_size_during_basic_query_stays_unchanged(conn_cnx, caplog):
+    """Test that the amount of bytes logged during normal select 1 flow is within acceptable range. Related to: SNOW-2268606"""
+    caplog.set_level(logging.INFO, "snowflake.connector")
+    caplog.clear()
+
+    # Test-specific constants
+    EXPECTED_BYTES = 145
+    ACCEPTABLE_DELTA = 0.6
+    EXPECTED_PATTERNS = [
+        "Snowflake Connector for Python Version: ",  # followed by version info
+        "Connecting to GLOBAL Snowflake domain",
+    ]
+
+    with conn_cnx() as conn:
+        with conn.cursor() as cur:
+            cur.execute("select 1").fetchall()
+
+            actual_messages = [record.getMessage() for record in caplog.records]
+            total_log_bytes = _calculate_log_bytes(actual_messages)
+
+            if total_log_bytes != EXPECTED_BYTES:
+                logger.warning(
+                    f"There was a change in a size of the logs produced by the basic Snowflake query. "
+                    f"Expected: {EXPECTED_BYTES}, got: {total_log_bytes}. "
+                    f"We may need to update the test_logs_size_during_basic_query_stays_unchanged - i.e. EXACT_EXPECTED_LOGS_BYTES constant."
+                )
+
+                # Check if patterns match to decide whether to show all messages
+                matched_patterns, missing_patterns, unmatched_messages = (
+                    _find_matching_patterns(actual_messages, EXPECTED_PATTERNS)
+                )
+                patterns_match_perfectly = (
+                    len(missing_patterns) == 0 and len(unmatched_messages) == 0
+                )
+
+                _log_pattern_analysis(
+                    actual_messages,
+                    EXPECTED_PATTERNS,
+                    matched_patterns,
+                    missing_patterns,
+                    unmatched_messages,
+                    show_all_messages=patterns_match_perfectly,
+                )
+
+            _assert_log_bytes_within_tolerance(
+                total_log_bytes, EXPECTED_BYTES, ACCEPTABLE_DELTA
+            )
+
+
+@pytest.mark.skipolddriver
+def test_no_new_warnings_or_errors_on_successful_basic_select(conn_cnx, caplog):
+    """Test that the number of warning/error log entries stays the same during successful basic select operations. Related to: SNOW-2268606"""
+    caplog.set_level(logging.WARNING, "snowflake.connector")
+    baseline_warning_count = 0
+    baseline_error_count = 0
+
+    # Execute basic select operations and check counts remain the same
+    caplog.clear()
+    with conn_cnx() as conn:
+        with conn.cursor() as cur:
+            # Execute basic select operations
+            result1 = cur.execute("select 1").fetchall()
+            assert result1 == [(1,)]
+
+    # Count warning/error log entries after operations
+    test_warning_count = len(
+        [r for r in caplog.records if r.levelno >= logging.WARNING]
+    )
+    test_error_count = len([r for r in caplog.records if r.levelno >= logging.ERROR])
+
+    # Assert counts stay the same (no new warnings or errors)
+    assert test_warning_count == baseline_warning_count, (
+        f"Warning count increased from {baseline_warning_count} to {test_warning_count}. "
+        f"New warnings: {[r.getMessage() for r in caplog.records if r.levelno == logging.WARNING]}"
+    )
+    assert test_error_count == baseline_error_count, (
+        f"Error count increased from {baseline_error_count} to {test_error_count}. "
+        f"New errors: {[r.getMessage() for r in caplog.records if r.levelno >= logging.ERROR]}"
+    )
+
+
 @pytest.mark.skipolddriver
 def test_ocsp_mode_insecure_mode_and_disable_ocsp_checks_mismatch_ocsp_enabled(
     conn_cnx, is_public_test, is_local_dev_setup, caplog