Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ISSUE] azure_workspace_resource_id is displayed when using Azure CLI auth #477

Open
alexott opened this issue Dec 11, 2023 · 1 comment · May be fixed by #409
Open

[ISSUE] azure_workspace_resource_id is displayed when using Azure CLI auth #477

alexott opened this issue Dec 11, 2023 · 1 comment · May be fixed by #409

Comments

@alexott
Copy link
Contributor

alexott commented Dec 11, 2023

Description

When using Azure CLI authentication with host parameter only, the following warning is shown that could be confusing:

WARNING:databricks.sdk:azure_workspace_resource_id field not provided. It is recommended to specify this field in the Databricks configuration to avoid authentication errors.

Technically speaking, azure_workspace_resource_id is required only when user is outside of the workspace (typically on first run), after that - it's not required.

Reproduction

Configure Azure CLI authentication with host only, and without azure_workspace_resource_id, and you'll get a warning

Expected behavior

Warning shouldn't be printed

Is it a regression?
Did this work in a previous version of the SDK? If so, which versions did you try?

Debug Logs
The SDK logs helpful debugging information when debug logging is enabled. Set the log level to debug by adding logging.basicConfig(level=logging.DEBUG) to your program, and include the logs here.

Other Information

  • OS: [e.g. macOS]
  • Version: [e.g. 0.1.0]

Additional context
Add any other context about the problem here.
@nfx nfx linked a pull request Dec 20, 2023 that will close this issue
Remove noisy azure_workspace_resource_id field not provided message for non-production Databricks deployments #409
Open
3 tasks
@mgyucht
Copy link
Contributor

mgyucht commented Jan 3, 2024

It is only required in that scenario, but the logging helps prevent a very annoying class of errors where the SDK fetches the token for the wrong tenant from the Azure CLI. This can only be prevented if the tenant ID or subscription ID is provided. This is a warning because it is sometimes safe and sometimes not depending on the configuration of your azure CLI, and if you don't specify anything else, we don't know whether the default tenant matches the workspace's tenant.

At the very least, we could also allow users to specify the tenant ID explicitly instead of the resource ID. However, without either, we depend on defaults configured in the Azure CLI, which result in an exceptionally poor UX, so we caution users who use Azure CLI auth without this extra metadata.

Actually, now that I think about it, there might be an unauthenticated endpoint that can tell us the tenant that a workspace belongs to. If we have that, we can look up the tenant that way, and users won't have to specify this field.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@alexott @mgyucht