Databricks CLI

Go to file

Serge Smertin b87b4b0f40 Added `bricks auth login` and `bricks auth token` (#158 ) # Auth challenge (happy path) Simplified description of [PKCE](https://oauth.net/2/pkce/) implementation: ```mermaid sequenceDiagram autonumber actor User User ->> CLI: type `bricks auth login HOST` CLI ->>+ HOST: request OIDC endpoints HOST ->>- CLI: auth & token endpoints CLI ->> CLI: start embedded server to consume redirects (lock) CLI -->>+ Auth Endpoint: open browser with RND1 + SHA256(RND2) User ->>+ Auth Endpoint: Go through SSO Auth Endpoint ->>- CLI: AUTH CODE + 'RND1 (redirect) CLI ->>+ Token Endpoint: Exchange: AUTH CODE + RND2 Token Endpoint ->>- CLI: Access Token (JWT) + refresh + expiry CLI ->> Token cache: Save Access Token (JWT) + refresh + expiry CLI ->> User: success ``` # Token refresh (happy path) ```mermaid sequenceDiagram autonumber actor User User ->> CLI: type `bricks token HOST` CLI ->> CLI: acquire lock (same local addr as redirect server) CLI ->>+ Token cache: read token critical token not expired Token cache ->>- User: JWT (without refresh) option token is expired CLI ->>+ HOST: request OIDC endpoints HOST ->>- CLI: auth & token endpoints CLI ->>+ Token Endpoint: refresh token Token Endpoint ->>- CLI: JWT (refreshed) CLI ->> Token cache: save JWT (refreshed) CLI ->> User: JWT (refreshed) option no auth for host CLI -X User: no auth configured end ```		2023-01-06 16:15:57 +01:00
.github	Work on release actions (#153 )	2022-12-22 11:01:50 +01:00
.vscode	Added `bricks auth login` and `bricks auth token` (#158 )	2023-01-06 16:15:57 +01:00
bundle	Define flags for running jobs and pipelines (#146 )	2022-12-23 15:17:16 +01:00
cmd	Added `bricks auth login` and `bricks auth token` (#158 )	2023-01-06 16:15:57 +01:00
experimental/github	Make tests pass (#40 )	2022-09-07 20:08:42 +02:00
folders	Don't depend on working directory in folders.FindDirWithLeaf (#54 )	2022-09-14 15:08:55 +02:00
git	Run Go formatting with 1.19 (#137 )	2022-12-14 15:59:47 +01:00
internal	Use []byte for files in workspace (#162 )	2023-01-05 12:03:31 +01:00
libs	Added `bricks auth login` and `bricks auth token` (#158 )	2023-01-06 16:15:57 +01:00
project	Use Databricks Go SDK v0.1.0 (#110 )	2022-12-01 12:17:36 +01:00
python	Update to Go SDK v0.2.0 (#157 )	2022-12-28 11:32:04 +01:00
retries	Experimental sync command	2022-07-07 20:56:59 +02:00
sandbox	updated dependencies	2022-05-14 19:56:09 +02:00
terraform	Ensure Go code is formatted (#37 )	2022-09-07 15:15:23 +02:00
.gitignore	Implement Terraform state synchronization and deploy (#98 )	2022-12-06 00:40:45 +01:00
.goreleaser.yaml	Remove version suffix from snapshot binaries (#159 )	2023-01-03 12:15:21 +01:00
Makefile	updated dependencies	2022-05-14 19:56:09 +02:00
README.md	Update README.md	2022-05-16 13:31:47 +02:00
go.mod	Added `bricks auth login` and `bricks auth token` (#158 )	2023-01-06 16:15:57 +01:00
go.sum	Update to Go SDK v0.2.0 (#157 )	2022-12-28 11:32:04 +01:00
main.go	Added `bricks auth login` and `bricks auth token` (#158 )	2023-01-06 16:15:57 +01:00

README.md

Bricks CLI 🧱

Where's "data"? Secured by the unity catalog. Projects build lifecycle is secured by bricks 🧱

This is an early PoC at this stage. make build (or download the latest from releases page).

Reuses authentication from Databricks CLI. And terraform provider. See details here: https://registry.terraform.io/providers/databrickslabs/databricks/latest/docs#environment-variables

Supports:

Databricks CLI
Databricks CLI Profiles
Azure CLI Auth
Azure MSI Auth
Azure SPN Auth
Google OIDC Auth
Direct DATABRICKS_HOST, DATABRICKS_TOKEN or DATABRICKS_USERNAME + DATABRICKS_PASSWORD variables.

What works:

./bricks fs ls /
./bricks test
./bricks launch test.py

What doesn't work:

Everything else.

This project reuses some code from Databricks Terraform Provider