Databricks Community

Kaijser · ‎06-14-2023

I want to install a .whl file on my Databricks cluster which includes a private Azure DevOps repository as a dependency in its pyproject.toml file, i.e.:

[project]
name = "test"
description = "test_description."
version = "0.1.0"
authors = [
  { name = "test", email = "test@test.nl" }
]
requires-python = ">=3.7"
dependencies = [
  "pandas",
  "aiohttp",
  "private_repo @ git+https://<PERSONAL_ACCESS_TOKEN>@dev.azure.com/company/project/_git/private_repo"
]
 
[build-system]
requires = ["setuptools"]
build-backend = "setuptools.build_meta"

This works but as you can see I have to provide a DevOps personal access token in the pyproject.toml file, which I don't want, because this file is also visible to other people.

I was wondering whether there is a convenient way of hiding this in the pyproject.toml file and instead retrieve it dynamically from the Azure Key Vault. For example, in the Databricks notebooks we can use dbutils to access secret keys, like:

dbutils.secrets.get(scope="secret_scope", key="secret_key")

I guess in setup.py you could use dbutils to do so, but I am not sure how it works with a .toml file.

Anonymous · ‎06-15-2023

Hi @Aaron Kaijser

Great to meet you, and thanks for your question!

Let's see if your peers in the community have an answer to your question. Thanks.

Databricks Community

Installing private python Azure DevOps repository without revealing personal access token in pyproject.toml

Connect with Databricks Users in Your Area

What’s New With Databricks Assistant?

Databricks Community Champion - October 2024 - Filip Niziol

Become Our Next Monthly Community Champion!

Introducing Simple, Fast, and Scalable Batch LLM Inference on Mosaic AI Model Serving

Databricks Migration Strategy: Lessons Learned