Assessment failing on 'assess_azure_service_principals'

Recently started using UCX tool. The assessment step is failing while running on Azure Databricks field-eng-east. Added the entire stack trace. Other tasks are completing successfully so far.

```
DatabricksError: Scope myscope does not exist!
---------------------------------------------------------------------------
DatabricksError                           Traceback (most recent call last)
File ~/.ipykernel/1229/command--1-3883835851:18
     15 entry = [ep for ep in metadata.distribution("databricks_labs_ucx").entry_points if ep.name == "runtime"]
     16 if entry:
     17   # Load and execute the entrypoint, assumes no parameters
---> 18   entry[0].load()()
     19 else:
     20   import databricks_labs_ucx

File /local_disk0/.ephemeral_nfs/cluster_libraries/python/lib/python3.10/site-packages/databricks/labs/ucx/runtime.py:253, in main()
    252 def main():
--> 253     trigger(*sys.argv)

File /local_disk0/.ephemeral_nfs/cluster_libraries/python/lib/python3.10/site-packages/databricks/labs/ucx/framework/tasks.py:93, in trigger(*argv)
     90 cfg = WorkspaceConfig.from_file(Path(args["config"]))
     91 logging.getLogger("databricks").setLevel(cfg.log_level)
---> 93 current_task.fn(cfg)

File /local_disk0/.ephemeral_nfs/cluster_libraries/python/lib/python3.10/site-packages/databricks/labs/ucx/runtime.py:149, in assess_azure_service_principals(cfg)
    147 ws = WorkspaceClient(config=cfg.to_databricks_config())
    148 crawler = AzureServicePrincipalCrawler(ws, RuntimeBackend(), cfg.inventory_database)
--> 149 crawler.snapshot()

File /local_disk0/.ephemeral_nfs/cluster_libraries/python/lib/python3.10/site-packages/databricks/labs/ucx/assessment/crawlers.py:364, in AzureServicePrincipalCrawler.snapshot(self)
    363 def snapshot(self) -> list[AzureServicePrincipalInfo]:
--> 364     return self._snapshot(self._try_fetch, self._crawl)

File /local_disk0/.ephemeral_nfs/cluster_libraries/python/lib/python3.10/site-packages/databricks/labs/ucx/framework/crawlers.py:244, in CrawlerBase._snapshot(self, fetcher, loader)
    242         raise err
    243 logger.debug(f"[{self._full_name}] crawling new batch for {self._table}")
--> 244 loaded_records = list(loader())
    245 self._append_records(loaded_records)
    246 return loaded_records

File /local_disk0/.ephemeral_nfs/cluster_libraries/python/lib/python3.10/site-packages/databricks/labs/ucx/assessment/crawlers.py:180, in AzureServicePrincipalCrawler._crawl(self)
    179 def _crawl(self) -> list[AzureServicePrincipalInfo]:
--> 180     all_relevant_service_principals = self._get_relevant_service_principals()
    181     deduped_service_principals = [dict(t) for t in {tuple(d.items()) for d in all_relevant_service_principals}]
    182     return list(self._assess_service_principals(deduped_service_principals))

File /local_disk0/.ephemeral_nfs/cluster_libraries/python/lib/python3.10/site-packages/databricks/labs/ucx/assessment/crawlers.py:269, in AzureServicePrincipalCrawler._get_relevant_service_principals(self)
    267 if temp_list:
    268     relevant_service_principals += temp_list
--> 269 temp_list = self._list_all_pipeline_with_spn_in_spark_conf()
    270 if temp_list:
    271     relevant_service_principals += temp_list

File /local_disk0/.ephemeral_nfs/cluster_libraries/python/lib/python3.10/site-packages/databricks/labs/ucx/assessment/crawlers.py:322, in AzureServicePrincipalCrawler._list_all_pipeline_with_spn_in_spark_conf(self)
    320 if not _azure_sp_conf_present_check(pipeline_config):
    321     continue
--> 322 temp_list = self._get_azure_spn_list(pipeline_config)
    323 if temp_list:
    324     azure_spn_list_with_data_access_from_pipeline += temp_list

File /local_disk0/.ephemeral_nfs/cluster_libraries/python/lib/python3.10/site-packages/databricks/labs/ucx/assessment/crawlers.py:216, in AzureServicePrincipalCrawler._get_azure_spn_list(self, config)
    214 secret_matched = re.search(_SECRET_PATTERN, spn_application_id)
    215 if secret_matched:
--> 216     spn_application_id = self._check_secret_and_get_application_id(secret_matched)
    217     if not spn_application_id:
    218         continue

File /local_disk0/.ephemeral_nfs/cluster_libraries/python/lib/python3.10/site-packages/databricks/labs/ucx/assessment/crawlers.py:188, in AzureServicePrincipalCrawler._check_secret_and_get_application_id(self, secret_matched)
    186 if len(split) == _SECRET_LIST_LENGTH:
    187     secret_scope, secret_key = split[1], split[2]
--> 188     spn_application_id = self._ws.secrets.get_secret(secret_scope, secret_key)
    189     return spn_application_id

File /local_disk0/.ephemeral_nfs/cluster_libraries/python/lib/python3.10/site-packages/databricks/sdk/service/workspace.py:1446, in SecretsAPI.get_secret(self, scope, key)
   1444 if scope is not None: query['scope'] = scope
   1445 headers = {'Accept': 'application/json', }
-> 1446 res = self._api.do('GET', '/api/2.0/secrets/get', query=query, headers=headers)
   1447 return GetSecretResponse.from_dict(res)

File /local_disk0/.ephemeral_nfs/cluster_libraries/python/lib/python3.10/site-packages/databricks/sdk/core.py:1061, in ApiClient.do(self, method, path, query, headers, body, raw, files, data)
   1058 headers['User-Agent'] = self._user_agent_base
   1059 retryable = retried(timeout=timedelta(seconds=self._retry_timeout_seconds),
   1060                     is_retryable=self._is_retryable)
-> 1061 return retryable(self._perform)(method,
   1062                                 path,
   1063                                 query=query,
   1064                                 headers=headers,
   1065                                 body=body,
   1066                                 raw=raw,
   1067                                 files=files,
   1068                                 data=data)

File /local_disk0/.ephemeral_nfs/cluster_libraries/python/lib/python3.10/site-packages/databricks/sdk/retries.py:47, in retried.<locals>.decorator.<locals>.wrapper(*args, **kwargs)
     43     retry_reason = f'{type(err).__name__} is allowed to retry'
     45 if retry_reason is None:
     46     # raise if exception is not retryable
---> 47     raise err
     49 logger.debug(f'Retrying: {retry_reason} (sleeping ~{sleep}s)')
     50 time.sleep(sleep + random())

File /local_disk0/.ephemeral_nfs/cluster_libraries/python/lib/python3.10/site-packages/databricks/sdk/retries.py:29, in retried.<locals>.decorator.<locals>.wrapper(*args, **kwargs)
     27 while time.time() < deadline:
     28     try:
---> 29         return func(*args, **kwargs)
     30     except Exception as err:
     31         last_err = err

File /local_disk0/.ephemeral_nfs/cluster_libraries/python/lib/python3.10/site-packages/databricks/sdk/core.py:1150, in ApiClient._perform(self, method, path, query, headers, body, raw, files, data)
   1146 if not response.ok: # internally calls response.raise_for_status()
   1147     # TODO: experiment with traceback pruning for better readability
   1148     # See https://stackoverflow.com/a/58821552/277035
   1149     payload = response.json()
-> 1150     raise self._make_nicer_error(response=response, **payload) from None
   1151 if raw:
   1152     return StreamingResponse(response)

DatabricksError: Scope myscope does not exist!
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Assessment failing on 'assess_azure_service_principals' #417

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Assessment failing on 'assess_azure_service_principals' #417

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions