I want to install a .whl file on my Databricks cluster which includes a private Azure DevOps repository as a dependency in its pyproject.toml file, i.e.:
[project]
name = "test"
description = "test_description."
version = "0.1.0"
authors = [
{ name = "test", email = "test@test.nl" }
]
requires-python = ">=3.7"
dependencies = [
"pandas",
"aiohttp",
"private_repo @ git+https://<PERSONAL_ACCESS_TOKEN>@dev.azure.com/company/project/_git/private_repo"
]
[build-system]
requires = ["setuptools"]
build-backend = "setuptools.build_meta"
This works but as you can see I have to provide a DevOps personal access token in the pyproject.toml file, which I don't want, because this file is also visible to other people.
I was wondering whether there is a convenient way of hiding this in the pyproject.toml file and instead retrieve it dynamically from the Azure Key Vault. For example, in the Databricks notebooks we can use dbutils to access secret keys, like:
dbutils.secrets.get(scope="secret_scope", key="secret_key")
I guess in setup.py you could use dbutils to do so, but I am not sure how it works with a .toml file.