search

databricks / terraform-provider-databricks

Databricks Terraform Provider
https://registry.terraform.io/providers/databricks/databricks/latest
Other
445 stars 383 forks source link

[ISSUE] Issue with `databricks_mount` resource : Having to unmount manually whenever storage account keys are rotated #2394

Open satyakrish opened 1 year ago

satyakrish commented 1 year ago

Configuration


resource "azurerm_machine_learning_datastore_blobstorage" "blob_datastore" {
  depends_on = [
    module.mlw_ep,
  ]
  for_each = { for datastore in var.blob_datastores : datastore.name => datastore }
  name     = each.key

  account_key                = each.value.account_key
  description                = each.value.description
  is_default                 = each.value.is_default
  service_data_auth_identity = each.value.service_data_auth_identity
  shared_access_signature    = each.value.shared_access_signature
  storage_container_id       = each.value.storage_container_id
  workspace_id               = module.workspace.id
}

resource "databricks_secret_scope" "ml" {
  depends_on               = [module.databricks]
  name                     = var.databricks.secret_scope_name
  initial_manage_principal = "users"
}

resource "databricks_secret" "storage_key" {
  key          = var.databricks.storage_key_secret_name
  string_value = module.storage.primary_access_key
  scope        = databricks_secret_scope.ml.name
}

resource "databricks_mount" "blob_datastore_mount" {
  name = var.databricks.blob_datastore_mount_name
  wasb {
    container_name       = format("blob-datastore-%s", local.namespace)
    storage_account_name = module.storage.name
    auth_type            = "ACCESS_KEY"
    token_secret_scope   = databricks_secret_scope.ml.name
    token_secret_key     = databricks_secret.storage_key.key
  }
}

Expected Behavior

After storage account key rotation. Run terraform apply Pulls latest keys Updates azurerm_machine_learning_datastore_blobstorage automatically Updates databricks_secret automatically databricks_mount resource should also be updated automatically.

Actual Behavior

After storage account key rotation. Run terraform apply Pulls latest keys Updates azurerm_machine_learning_datastore_blobstorage automatically Updates databricks_secret automatically But databricks_mount resource is not getting automatically updated Had to unmount manually using dbutils command and then run terraform apply, now mounting is successfully

Steps to Reproduce

Debug Output

Important Factoids

TakeshiMatsukura commented 1 year ago

https://github.com/databricks/terraform-provider-databricks/issues/513 It's the known issue.

nkvuong commented 1 year ago

@satyakrish as we are moving to using Unity Catalog for governance across Databricks - mount will eventually be replaced with databricks_volume, so we will not be able to spend a huge amount of time on updating mounts. We would encourage you to look at Unity Catalog & consider using Volumes going forward