Make notebook-native auth work with more configurations of the Databricks Runtime#285
Merged
Make notebook-native auth work with more configurations of the Databricks Runtime#285
Conversation
…icks Runtime This PR adds additional logging and hardening to `auth_type='runtime'`, which performs credentials lookup in the following order: 1. `init_runtime_native_auth` for the newest DBR versions. 2. `init_runtime_repl_auth` via Databricks REPL context and `workspaceUrl`. 3. `init_runtime_legacy_auth` via IPython context for legacy runtimes and modes. Every detection step adds more logging on `DEBUG` level. Based on publicly-accessible code in https://github.com/mlflow/mlflow/blame/6bd97bde24d78bcfbf6d50c1dd0f4fac2ed6987b/mlflow/utils/databricks_utils.py
Contributor
Author
|
TODO: add a job to integration test native auth for different runtimes. |
mgyucht
approved these changes
Aug 16, 2023
Contributor
mgyucht
left a comment
mgyucht
left a comment
There was a problem hiding this comment.
Overall LGTM. Can we include somewhere the list of DBR versions/access control modes that this PR enables?
|
|
||
| def inner() -> Dict[str, str]: | ||
| ctx = dbutils.notebook().getContext() | ||
| return {'Authorization': f'Bearer {getattr(ctx, "apiToken")().get()}'} |
Contributor
There was a problem hiding this comment.
Is this equivalent?
Suggested change
| return {'Authorization': f'Bearer {getattr(ctx, "apiToken")().get()}'} | |
| return {'Authorization': f'Bearer {ctx.apiToken().get()}'} |
| ctx = dbutils.notebook().getContext() | ||
| if ctx is None: | ||
| return None, None | ||
| host = getattr(ctx, 'apiUrl')().get() |
Contributor
There was a problem hiding this comment.
Is this equivalent?
Suggested change
| host = getattr(ctx, 'apiUrl')().get() | |
| host = ctx.apiUrl().get() |
mgyucht
added a commit
that referenced
this pull request
Aug 17, 2023
* Added collection of Databricks Runtime versions used together with Python SDK ([#287](#287)). * Applied attribute transformer when reading in attributes from the environment ([#293](#293)). * Made notebook-native auth work with more configurations of the Databricks Runtime ([#285](#285)). * Added retry in `w.clusters.ensure_cluster_is_running(id)` when cluster is simultaneously started by two different processes. ([#283](#283)). * Set necessary headers when authenticating via Azure CLI ([#290](#290)). * Updated classifier to `Development Status :: 4 - Beta` ([#291](#291)). * Introduced Artifact Allowlist, Securable Tags, and Subentity Tags services. * Introduced DeleteRuns and RestoreRuns methods in the Experiments API. * Introduced the GetSecret method in the Secrets API. * Renamed Auto Maintenance to Predictive Optimization. New Services: * Added [w.artifact_allowlists](https://databricks-sdk-py.readthedocs.io/en/latest/workspace/artifact_allowlists.html) workspace-level service. * Added [w.securable_tags](https://databricks-sdk-py.readthedocs.io/en/latest/workspace/securable_tags.html) workspace-level service. * Added [w.subentity_tags](https://databricks-sdk-py.readthedocs.io/en/latest/workspace/subentity_tags.html) workspace-level service. * Added `databricks.sdk.service.catalog.ArtifactAllowlistInfo` dataclass. * Added `databricks.sdk.service.catalog.ArtifactMatcher` dataclass. * Added `databricks.sdk.service.catalog.ArtifactType` dataclass. * Added `databricks.sdk.service.catalog.GetArtifactAllowlistRequest` dataclass. * Added `databricks.sdk.service.catalog.ListSecurableTagsRequest` dataclass. * Added `databricks.sdk.service.catalog.ListSecurableType` dataclass. * Added `databricks.sdk.service.catalog.ListSubentityTagsRequest` dataclass. * Added `databricks.sdk.service.catalog.MatchType` dataclass. * Added `databricks.sdk.service.catalog.SetArtifactAllowlist` dataclass. * Added `databricks.sdk.service.catalog.TagChanges` dataclass. * Added `databricks.sdk.service.catalog.TagKeyValuePair` dataclass. * Added `databricks.sdk.service.catalog.TagSecurable` dataclass. * Added `databricks.sdk.service.catalog.TagSecurableAssignment` dataclass. * Added `databricks.sdk.service.catalog.TagSecurableAssignmentsList` dataclass. * Added `databricks.sdk.service.catalog.TagSubentity` dataclass. * Added `databricks.sdk.service.catalog.TagSubentityAssignmentsList` dataclass. * Added `databricks.sdk.service.catalog.TagsSubentityAssignment` dataclass. * Added `databricks.sdk.service.catalog.UpdateSecurableType` dataclass. * Added `databricks.sdk.service.catalog.UpdateTags` dataclass. New APIs: * Added `delete_runs()` method for [w.experiments](https://databricks-sdk-py.readthedocs.io/en/latest/workspace/experiments.html) workspace-level service. * Added `restore_runs()` method for [w.experiments](https://databricks-sdk-py.readthedocs.io/en/latest/workspace/experiments.html) workspace-level service. * Added `databricks.sdk.service.ml.DeleteRuns` dataclass. * Added `databricks.sdk.service.ml.DeleteRunsResponse` dataclass. * Added `databricks.sdk.service.ml.RestoreRuns` dataclass. * Added `databricks.sdk.service.ml.RestoreRunsResponse` dataclass. * Added `get_secret()` method for [w.secrets](https://databricks-sdk-py.readthedocs.io/en/latest/workspace/secrets.html) workspace-level service. * Added `databricks.sdk.service.workspace.GetSecretRequest` dataclass. * Added `databricks.sdk.service.workspace.GetSecretResponse` dataclass. Service Renames: * Removed `effective_auto_maintenance_flag` field for `databricks.sdk.service.catalog.CatalogInfo`. * Removed `enable_auto_maintenance` field for `databricks.sdk.service.catalog.CatalogInfo`. * Added `effective_predictive_optimization_flag` field for `databricks.sdk.service.catalog.CatalogInfo`. * Added `enable_predictive_optimization` field for `databricks.sdk.service.catalog.CatalogInfo`. * Removed `databricks.sdk.service.catalog.EffectiveAutoMaintenanceFlag` dataclass. * Removed `databricks.sdk.service.catalog.EffectiveAutoMaintenanceFlagInheritedFromType` dataclass. * Removed `databricks.sdk.service.catalog.EnableAutoMaintenance` dataclass. * Removed `effective_auto_maintenance_flag` field for `databricks.sdk.service.catalog.SchemaInfo`. * Removed `enable_auto_maintenance` field for `databricks.sdk.service.catalog.SchemaInfo`. * Added `effective_predictive_optimization_flag` field for `databricks.sdk.service.catalog.SchemaInfo`. * Added `enable_predictive_optimization` field for `databricks.sdk.service.catalog.SchemaInfo`. * Removed `effective_auto_maintenance_flag` field for `databricks.sdk.service.catalog.TableInfo`. * Removed `enable_auto_maintenance` field for `databricks.sdk.service.catalog.TableInfo`. * Added `effective_predictive_optimization_flag` field for `databricks.sdk.service.catalog.TableInfo`. * Added `enable_predictive_optimization` field for `databricks.sdk.service.catalog.TableInfo`. * Added `databricks.sdk.service.catalog.EffectivePredictiveOptimizationFlag` dataclass. * Added `databricks.sdk.service.catalog.EffectivePredictiveOptimizationFlagInheritedFromType` dataclass. * Added `databricks.sdk.service.catalog.EnablePredictiveOptimization` dataclass. OpenAPI SHA: beff621d7b3e1d59244e2e34fc53a496f310e130, Date: 2023-08-17
Merged
github-merge-queue bot
pushed a commit
that referenced
this pull request
Aug 17, 2023
* Added collection of Databricks Runtime versions used together with Python SDK ([#287](#287)). * Applied attribute transformer when reading in attributes from the environment ([#293](#293)). * Made notebook-native auth work with more configurations of the Databricks Runtime ([#285](#285)). * Added retry in `w.clusters.ensure_cluster_is_running(id)` when cluster is simultaneously started by two different processes. ([#283](#283)). * Set necessary headers when authenticating via Azure CLI ([#290](#290)). * Updated classifier to `Development Status :: 4 - Beta` ([#291](#291)). * Introduced Artifact Allowlist, Securable Tags, and Subentity Tags services. * Introduced DeleteRuns and RestoreRuns methods in the Experiments API. * Introduced the GetSecret method in the Secrets API. * Renamed Auto Maintenance to Predictive Optimization. New Services: * Added [w.artifact_allowlists](https://databricks-sdk-py.readthedocs.io/en/latest/workspace/artifact_allowlists.html) workspace-level service. * Added [w.securable_tags](https://databricks-sdk-py.readthedocs.io/en/latest/workspace/securable_tags.html) workspace-level service. * Added [w.subentity_tags](https://databricks-sdk-py.readthedocs.io/en/latest/workspace/subentity_tags.html) workspace-level service. * Added `databricks.sdk.service.catalog.ArtifactAllowlistInfo` dataclass. * Added `databricks.sdk.service.catalog.ArtifactMatcher` dataclass. * Added `databricks.sdk.service.catalog.ArtifactType` dataclass. * Added `databricks.sdk.service.catalog.GetArtifactAllowlistRequest` dataclass. * Added `databricks.sdk.service.catalog.ListSecurableTagsRequest` dataclass. * Added `databricks.sdk.service.catalog.ListSecurableType` dataclass. * Added `databricks.sdk.service.catalog.ListSubentityTagsRequest` dataclass. * Added `databricks.sdk.service.catalog.MatchType` dataclass. * Added `databricks.sdk.service.catalog.SetArtifactAllowlist` dataclass. * Added `databricks.sdk.service.catalog.TagChanges` dataclass. * Added `databricks.sdk.service.catalog.TagKeyValuePair` dataclass. * Added `databricks.sdk.service.catalog.TagSecurable` dataclass. * Added `databricks.sdk.service.catalog.TagSecurableAssignment` dataclass. * Added `databricks.sdk.service.catalog.TagSecurableAssignmentsList` dataclass. * Added `databricks.sdk.service.catalog.TagSubentity` dataclass. * Added `databricks.sdk.service.catalog.TagSubentityAssignmentsList` dataclass. * Added `databricks.sdk.service.catalog.TagsSubentityAssignment` dataclass. * Added `databricks.sdk.service.catalog.UpdateSecurableType` dataclass. * Added `databricks.sdk.service.catalog.UpdateTags` dataclass. New APIs: * Added `delete_runs()` method for [w.experiments](https://databricks-sdk-py.readthedocs.io/en/latest/workspace/experiments.html) workspace-level service. * Added `restore_runs()` method for [w.experiments](https://databricks-sdk-py.readthedocs.io/en/latest/workspace/experiments.html) workspace-level service. * Added `databricks.sdk.service.ml.DeleteRuns` dataclass. * Added `databricks.sdk.service.ml.DeleteRunsResponse` dataclass. * Added `databricks.sdk.service.ml.RestoreRuns` dataclass. * Added `databricks.sdk.service.ml.RestoreRunsResponse` dataclass. * Added `get_secret()` method for [w.secrets](https://databricks-sdk-py.readthedocs.io/en/latest/workspace/secrets.html) workspace-level service. * Added `databricks.sdk.service.workspace.GetSecretRequest` dataclass. * Added `databricks.sdk.service.workspace.GetSecretResponse` dataclass. Service Renames: * Removed `effective_auto_maintenance_flag` field for `databricks.sdk.service.catalog.CatalogInfo`. * Removed `enable_auto_maintenance` field for `databricks.sdk.service.catalog.CatalogInfo`. * Added `effective_predictive_optimization_flag` field for `databricks.sdk.service.catalog.CatalogInfo`. * Added `enable_predictive_optimization` field for `databricks.sdk.service.catalog.CatalogInfo`. * Removed `databricks.sdk.service.catalog.EffectiveAutoMaintenanceFlag` dataclass. * Removed `databricks.sdk.service.catalog.EffectiveAutoMaintenanceFlagInheritedFromType` dataclass. * Removed `databricks.sdk.service.catalog.EnableAutoMaintenance` dataclass. * Removed `effective_auto_maintenance_flag` field for `databricks.sdk.service.catalog.SchemaInfo`. * Removed `enable_auto_maintenance` field for `databricks.sdk.service.catalog.SchemaInfo`. * Added `effective_predictive_optimization_flag` field for `databricks.sdk.service.catalog.SchemaInfo`. * Added `enable_predictive_optimization` field for `databricks.sdk.service.catalog.SchemaInfo`. * Removed `effective_auto_maintenance_flag` field for `databricks.sdk.service.catalog.TableInfo`. * Removed `enable_auto_maintenance` field for `databricks.sdk.service.catalog.TableInfo`. * Added `effective_predictive_optimization_flag` field for `databricks.sdk.service.catalog.TableInfo`. * Added `enable_predictive_optimization` field for `databricks.sdk.service.catalog.TableInfo`. * Added `databricks.sdk.service.catalog.EffectivePredictiveOptimizationFlag` dataclass. * Added `databricks.sdk.service.catalog.EffectivePredictiveOptimizationFlagInheritedFromType` dataclass. * Added `databricks.sdk.service.catalog.EnablePredictiveOptimization` dataclass. OpenAPI SHA: beff621d7b3e1d59244e2e34fc53a496f310e130, Date: 2023-08-17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR adds additional logging and hardening to
auth_type='runtime', which performs credentials lookup in the following order:init_runtime_native_authfor the newest DBR versions.init_runtime_repl_authvia Databricks REPL context andworkspaceUrl.init_runtime_legacy_authvia IPython context for legacy runtimes and modes.Every detection step adds more logging on
DEBUGlevel.This PR adds nightly integration testing for all LTS runtimes, as well as testing the latest runtime with UC data access modes.
Based on publicly-accessible code in https://github.com/mlflow/mlflow/blame/6bd97bde24d78bcfbf6d50c1dd0f4fac2ed6987b/mlflow/utils/databricks_utils.py