def get_databricks_host_creds(profile=None): """ Reads in configuration necessary to make HTTP requests to a Databricks server. This uses the Databricks CLI's ConfigProvider interface to load the DatabricksConfig object. This method will throw an exception if sufficient auth cannot be found. :param profile: Databricks CLI profile. If not provided, we will read the default profile. :return: :py:class:`mlflow.rest_utils.MlflowHostCreds` which includes the hostname and authentication information necessary to talk to the Databricks server. """ if not hasattr(provider, 'get_config'): eprint( "Warning: support for databricks-cli<0.8.0 is deprecated and will be removed" " in a future version.") config = provider.get_config_for_profile(profile) elif profile: config = provider.ProfileConfigProvider(profile).get_config() else: config = provider.get_config() if not config or not config.host: _fail_malformed_databricks_auth(profile) insecure = hasattr(config, 'insecure') and config.insecure if config.username is not None and config.password is not None: return MlflowHostCreds(config.host, username=config.username, password=config.password, ignore_tls_verification=insecure) elif config.token: return MlflowHostCreds(config.host, token=config.token, ignore_tls_verification=insecure) _fail_malformed_databricks_auth(profile)
def get_databricks_host_creds(server_uri=None): """ Reads in configuration necessary to make HTTP requests to a Databricks server. This uses the Databricks CLI's ConfigProvider interface to load the DatabricksConfig object. If no Databricks CLI profile is found corresponding to the server URI, this function will attempt to retrieve these credentials from the Databricks Secret Manager. For that to work, the server URI will need to be of the following format: "databricks://scope:prefix". In the Databricks Secret Manager, we will query for a secret in the scope "<scope>" for secrets with keys of the form "<prefix>-host" and "<prefix>-token". Note that this prefix *cannot* be empty if trying to authenticate with this method. If found, those host credentials will be used. This method will throw an exception if sufficient auth cannot be found. :param server_uri: A URI that specifies the Databricks profile you want to use for making requests. :return: :py:class:`mlflow.rest_utils.MlflowHostCreds` which includes the hostname and authentication information necessary to talk to the Databricks server. """ profile, path = get_db_info_from_uri(server_uri) if not hasattr(provider, "get_config"): _logger.warning( "Support for databricks-cli<0.8.0 is deprecated and will be removed" " in a future version.") config = provider.get_config_for_profile(profile) elif profile: config = provider.ProfileConfigProvider(profile).get_config() else: config = provider.get_config() # if a path is specified, that implies a Databricks tracking URI of the form: # databricks://profile-name/path-specifier if (not config or not config.host) and path: dbutils = _get_dbutils() if dbutils: # Prefix differentiates users and is provided as path information in the URI key_prefix = path host = dbutils.secrets.get(scope=profile, key=key_prefix + "-host") token = dbutils.secrets.get(scope=profile, key=key_prefix + "-token") if host and token: config = provider.DatabricksConfig.from_token(host=host, token=token, insecure=False) if not config or not config.host: _fail_malformed_databricks_auth(profile) insecure = hasattr(config, "insecure") and config.insecure if config.username is not None and config.password is not None: return MlflowHostCreds( config.host, username=config.username, password=config.password, ignore_tls_verification=insecure, ) elif config.token: return MlflowHostCreds(config.host, token=config.token, ignore_tls_verification=insecure) _fail_malformed_databricks_auth(profile)
def get_databricks_http_request_kwargs_or_fail(profile=None): """ Reads in configuration necessary to make HTTP requests to a Databricks server. This uses the Databricks CLI's ConfigProvider interface to load the DatabricksConfig object. This method will throw an exception if sufficient auth cannot be found. :param profile: Databricks CLI profile. If not provided, we will read the default profile. :return: Dictionary with parameters that can be passed to http_request(). This will at least include the hostname and headers sufficient to authenticate to Databricks. """ if not hasattr(provider, 'get_config'): eprint( "Warning: support for databricks-cli<0.8.0 is deprecated and will be removed" " in a future version.") config = provider.get_config_for_profile(profile) elif profile: config = provider.ProfileConfigProvider(profile).get_config() else: config = provider.get_config() hostname = config.host if not hostname: _fail_malformed_databricks_auth(profile) auth_str = None if config.username is not None and config.password is not None: basic_auth_str = ("%s:%s" % (config.username, config.password)).encode("utf-8") auth_str = "Basic " + base64.standard_b64encode(basic_auth_str).decode( "utf-8") elif config.token: auth_str = "Bearer %s" % config.token else: _fail_malformed_databricks_auth(profile) headers = { "Authorization": auth_str, } verify = True if hasattr(config, 'insecure') and config.insecure: verify = False return { 'hostname': hostname, 'headers': headers, 'verify': verify, }