08-30-2023 11:56 AM
I'm trying to deploy using Databricks Asset Bundles via an Azure DevOps pipeline. I keep getting this error when trying to use oauth:
Error: default auth: oauth-m2m: oidc: databricks OAuth is not supported for this host. Config: host=https://<workspace>.azuredatabricks.net, client_id=***, client_secret=***. Env: DATABRICKS_HOST, DATABRICKS_CLIENT_ID, DATABRICKS_CLIENT_SECRET
##[error]Bash exited with code '1'.
The pipeline is nothing complicated:
trigger:
- development
pool:
vmImage: ubuntu-latest
variables:
- group: "DevOps Service Credentials Databricks"
stages:
- stage: "Development_Deploy"
jobs:
- job: "Deploy_Bundle"
steps:
- script: |
curl -fsSL https://raw.githubusercontent.com/databricks/setup-cli/main/install.sh | sh
displayName: 'Install Databricks CLI'
- script: |
databricks bundle deploy
displayName: 'Deploy Databricks Asset Bundle'
env:
DATABRICKS_HOST: https://<workspace>.azuredatabricks.net
DATABRICKS_CLIENT_ID: $(databricksdevopsdeployment-clientid)
DATABRICKS_CLIENT_SECRET: $(databricksdevopsdeployment-clientsecret)
Any ideas? What am I doing wrong?
09-12-2023 03:59 AM
Hi @bradleyjamrozik, thank you for posting your question. You will need to use ARM_ variables to make it work
Specifically
ARM_CLIENT_ID
ARM_TENANT_ID
ARM_CLIENT_SECRET
https://learn.microsoft.com/en-us/azure/databricks/dev-tools/auth#environment-3 for reference,
Hope that helps!
08-31-2023 07:04 AM
I can confirm that the host/clientid/clientsecret are correct as I can use the same variables with az login and it connects to the workspace successfully; I just get a different error of "cannot create default credentials" for the a job after it successfully uploads the bundle files. Is there a setting I need to check to enable oauth for a given workspace?
09-12-2023 03:59 AM
Hi @bradleyjamrozik, thank you for posting your question. You will need to use ARM_ variables to make it work
Specifically
ARM_CLIENT_ID
ARM_TENANT_ID
ARM_CLIENT_SECRET
https://learn.microsoft.com/en-us/azure/databricks/dev-tools/auth#environment-3 for reference,
Hope that helps!
09-13-2023 08:25 AM
That did it, thank you!
05-08-2024 07:15 AM - edited 05-08-2024 07:17 AM
So in this case the Azure managed identities authentication needs to be used?
Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you won’t want to miss the chance to attend and share knowledge.
If there isn’t a group near you, start one and help create a community that brings people together.
Request a New Group