databricks
Non admin users cannot view runs of local notebooks after the tmp notebook is deleted
When running local notebooks you need workspace-temp-dir. The notebook is uploaded to the temp dir, is then run and after the run is deleted. After this, the access-control-list-json no longer allows the users of the group to see the run, only workspace admins can see the run. If you as a user of the groups who are allowed access in the access-control-list-json try to access it you get the following error:
If I add admin privileges to the user as the error says, I can indeed view the notebook run. The users in the group can also view the run while the notebook is not yet deleted from the workspace-temp-dir directory.
Is there no way of allowing users/groups to view a run of a temp notebook without giving them admin privileges?
Below is the yml and all the parameters used. It was run on Azure Databricks.
- name: Run Notebook on Dev
uses: databricks/run-notebook@v0
with:
databricks-host: https://adb-XXXXXXXXXXXXXXXX.X.azuredatabricks.net/
databricks-token: ${{ env.DATABRICKS_TOKEN_DEV }}
local-notebook-path: d_notebook.sql
workspace-temp-dir: /some-workspace-dir/tmp
new-cluster-json: >
{
"num_workers": 1,
"spark_version": "13.3.x-scala2.12",
"node_type_id": "Standard_DS3_v2"
}
access-control-list-json: >
[
{
"group_name":"DataEngineer",
"permission_level":"CAN_MANAGE"
},
{
"group_name":"DataModeler",
"permission_level":"CAN_VIEW"
}
]
Hi @WillItUsername , I am facing the same. Have you found out any resolution? Commenting to follow.
No, but since this action is just a wrapper on the API, it's probably not a problem with the action, and just how the API/Databricks behaves.