Databricks

Kaijser · ‎06-14-2023

I want to install a .whl file on my Databricks cluster which includes a private Azure DevOps repository as a dependency in its pyproject.toml file, i.e.:

[project]
name = "test"
description = "test_description."
version = "0.1.0"
authors = [
  { name = "test", email = "test@test.nl" }
]
requires-python = ">=3.7"
dependencies = [
  "pandas",
  "aiohttp",
  "private_repo @ git+https://<PERSONAL_ACCESS_TOKEN>@dev.azure.com/company/project/_git/private_repo"
]
 
[build-system]
requires = ["setuptools"]
build-backend = "setuptools.build_meta"

This works but as you can see I have to provide a DevOps personal access token in the pyproject.toml file, which I don't want, because this file is also visible to other people.

I was wondering whether there is a convenient way of hiding this in the pyproject.toml file and instead retrieve it dynamically from the Azure Key Vault. For example, in the Databricks notebooks we can use dbutils to access secret keys, like:

dbutils.secrets.get(scope="secret_scope", key="secret_key")

I guess in setup.py you could use dbutils to do so, but I am not sure how it works with a .toml file.

Anonymous · ‎06-15-2023

Hi @Aaron Kaijser

Great to meet you, and thanks for your question!

Let's see if your peers in the community have an answer to your question. Thanks.

Databricks

Installing private python Azure DevOps repository without revealing personal access token in pyproject.toml

🔔 Attention Databricks Academy Users: SSO Implementation Incoming! Secure Your Account Today!

Announcing the General Availability of Databricks Asset Bundles

Register now and save 50% on training at Data + AI Summit!

How to successfully build GenAI applications

Meet DBRX, the New Standard for High-Quality LLMs