def get_databricks_host_creds(profile=None):
"""
Reads in configuration necessary to make HTTP requests to a Databricks server. This
uses the Databricks CLI's ConfigProvider interface to load the DatabricksConfig object.
This method will throw an exception if sufficient auth cannot be found.
:param profile: Databricks CLI profile. If not provided, we will read the default profile.
:return: :py:class:`mlflow.rest_utils.MlflowHostCreds` which includes the hostname and
authentication information necessary to talk to the Databricks server.
"""
if not hasattr(provider, 'get_config'):
eprint(
"Warning: support for databricks-cli<0.8.0 is deprecated and will be removed"
" in a future version.")
config = provider.get_config_for_profile(profile)
elif profile:
config = provider.ProfileConfigProvider(profile).get_config()
else:
config = provider.get_config()
if not config or not config.host:
_fail_malformed_databricks_auth(profile)
insecure = hasattr(config, 'insecure') and config.insecure
if config.username is not None and config.password is not None:
return MlflowHostCreds(config.host,
username=config.username,
password=config.password,
ignore_tls_verification=insecure)
elif config.token:
return MlflowHostCreds(config.host,
token=config.token,
ignore_tls_verification=insecure)
_fail_malformed_databricks_auth(profile)
def get_databricks_host_creds(server_uri=None):
"""
Reads in configuration necessary to make HTTP requests to a Databricks server. This
uses the Databricks CLI's ConfigProvider interface to load the DatabricksConfig object.
If no Databricks CLI profile is found corresponding to the server URI, this function
will attempt to retrieve these credentials from the Databricks Secret Manager. For that to work,
the server URI will need to be of the following format: "databricks://scope:prefix". In the
Databricks Secret Manager, we will query for a secret in the scope "<scope>" for secrets with
keys of the form "<prefix>-host" and "<prefix>-token". Note that this prefix *cannot* be empty
if trying to authenticate with this method. If found, those host credentials will be used. This
method will throw an exception if sufficient auth cannot be found.
:param server_uri: A URI that specifies the Databricks profile you want to use for making
requests.
:return: :py:class:`mlflow.rest_utils.MlflowHostCreds` which includes the hostname and
authentication information necessary to talk to the Databricks server.
"""
profile, path = get_db_info_from_uri(server_uri)
if not hasattr(provider, "get_config"):
_logger.warning(
"Support for databricks-cli<0.8.0 is deprecated and will be removed"
" in a future version.")
config = provider.get_config_for_profile(profile)
elif profile:
config = provider.ProfileConfigProvider(profile).get_config()
else:
config = provider.get_config()
# if a path is specified, that implies a Databricks tracking URI of the form:
# databricks://profile-name/path-specifier
if (not config or not config.host) and path:
dbutils = _get_dbutils()
if dbutils:
# Prefix differentiates users and is provided as path information in the URI
key_prefix = path
host = dbutils.secrets.get(scope=profile, key=key_prefix + "-host")
token = dbutils.secrets.get(scope=profile,
key=key_prefix + "-token")
if host and token:
config = provider.DatabricksConfig.from_token(host=host,
token=token,
insecure=False)
if not config or not config.host:
_fail_malformed_databricks_auth(profile)
insecure = hasattr(config, "insecure") and config.insecure
if config.username is not None and config.password is not None:
return MlflowHostCreds(
config.host,
username=config.username,
password=config.password,
ignore_tls_verification=insecure,
)
elif config.token:
return MlflowHostCreds(config.host,
token=config.token,
ignore_tls_verification=insecure)
_fail_malformed_databricks_auth(profile)
def get_databricks_http_request_kwargs_or_fail(profile=None):
"""
Reads in configuration necessary to make HTTP requests to a Databricks server. This
uses the Databricks CLI's ConfigProvider interface to load the DatabricksConfig object.
This method will throw an exception if sufficient auth cannot be found.
:param profile: Databricks CLI profile. If not provided, we will read the default profile.
:return: Dictionary with parameters that can be passed to http_request(). This will
at least include the hostname and headers sufficient to authenticate to Databricks.
"""
if not hasattr(provider, 'get_config'):
eprint(
"Warning: support for databricks-cli<0.8.0 is deprecated and will be removed"
" in a future version.")
config = provider.get_config_for_profile(profile)
elif profile:
config = provider.ProfileConfigProvider(profile).get_config()
else:
config = provider.get_config()
hostname = config.host
if not hostname:
_fail_malformed_databricks_auth(profile)
auth_str = None
if config.username is not None and config.password is not None:
basic_auth_str = ("%s:%s" %
(config.username, config.password)).encode("utf-8")
auth_str = "Basic " + base64.standard_b64encode(basic_auth_str).decode(
"utf-8")
elif config.token:
auth_str = "Bearer %s" % config.token
else:
_fail_malformed_databricks_auth(profile)
headers = {
"Authorization": auth_str,
}
verify = True
if hasattr(config, 'insecure') and config.insecure:
verify = False
return {
'hostname': hostname,
'headers': headers,
'verify': verify,
}
