cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Help
Data Engineering
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 

Configure Service Principle access to GiLab

drag7ter
New Contributor II

2 weeks ago

I'm facing an issue while trying to run my job in db and my notebooks located in Git Lab. When I run job under my personal user_Id it works fine, because I added Git Lab token to my user_Id profile and job able to pull branch from repository. But when I change run as and choose Service Principle id it fails with an error:

run failed with error message
Failed to access Git repository: PERMISSION_DENIED: Invalid Git provider credentials. Go to User Settings > Git Integration to ensure that:
1. You have entered a username with your Git provider credentials.
2. You have selected the correct Git provider with your credentials.
3. Your personal access token or app password has the correct repository access.
4. Your personal access token has not expired.
5. If you have single sign on enabled with your Git provider, be sure to authorize your token.

What has been done so far:

  1. Job was created under my personal user_Id, but run as Service Principle id. The location of notebooks - Git Lab repository branch
  2. In Git Lab I created PAT for my Git Lab personal ID git_lab_personal_user_Id
  3. Service Principle was created in db account console and has admin access and assigned to workspace where job was created (if notebooks located in workspace job runs)
  4. Under my personal db user_Id with (my PAT) I created a token for my Service Principle here token-management on-behalf-of tokens 
  5. Then I checked which git credentials my personal use_Id has in db git-credentials 

 

    "credentials": [
        {
            "credential_id": 434149623900468,
            "git_provider": "gitLabEnterpriseEdition",
            "git_username": "git_lab_personal_user_Id"
        }
    ]

6. Then with a help of PAT, generated in step (4) I created git credentials for my Service Principle POST git-credentials 

"personal_access_token": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",

"git_username": "git_lab_personal_user_Id",

"git_provider": "gitLabEnterpriseEdition"

 

Here "personal_access_token" I've send in create git credentials for service principle - is my PAT for my git_lab_personal_user_Id from Git Lab. I've just added it to Service principle for tests. 

And I thought it should work also with service principle as well as with my databricks personal user_Id in db.

Why I'm getting the error, which step I missed when I configured Service Principle to be able to pull from Git Lab repository?

Failed to access Git repository: PERMISSION_DENIED: Invalid Git provider credentials. Go to User Settings > Git Integration to ensure that:

I'm not able to Go to User Settings > Git Integration because I'm using Service Principle for Git lab and service principle doesn't have User Settings

0 Kudos
1 REPLY 1

Kaniz
Community Manager
Community Manager

2 weeks ago

Hi @drag7ter, There might be a missing piece in the setup.

  • Ensure that youโ€™ve correctly entered the Git provider credentials (username and personal access token) for your Service Principle.
  • Confirm that youโ€™ve selected the correct Git provider (GitLab) when configuring the credentials.
  • Double-check that the personal access token (PAT) you generated for your Git Lab personal ID (git_lab_personal_user_Id) has the necessary repository access.
  • Make sure the PAT hasnโ€™t expired.
  • Confirm that the Service Principle you created in the Databricks account console has admin access.
  • Ensure that the Service Principle is assigned to the workspace where the job was created (if the notebooks are located in that workspace).
  • Youโ€™ve created Git credentials for your Service Principle using the PAT from your Git Lab personal ID. This step looks correct.
  • However, letโ€™s verify that the git_username in the credentials matches the Service Principleโ€™s Git username.
  • If you have SSO enabled with your Git provider, make sure to authorize the token.
  • Note that Service Principles donโ€™t have User Settings, so you wonโ€™t be able to access Git Integration through User Settings.
  • Check if there are any specific Git Lab settings or permissions required for Service Principles.
0 Kudos
Announcements
Welcome to Databricks Community: Lets learn, network and celebrate together

Join our fast-growing data practitioner and expert community of 80K+ members, ready to discover, help and collaborate together while making meaningful connections. 

Click here to register and join today! 

Engage in exciting technical discussions, join a group with your peers and meet our Featured Members.