I am working on setting up CICD for dataiku to deploy bundle from our design node to automation node. For security reasons our design node is setup behind proxy and accessing design node will redirect to single sign-on url.
The problem I am having when running the run_bundle.py is it errors out for authentication with the url redirect. "request" module has a "session" functionality to handle sessions. I believe you are also using request moduel in the dataiku. Can you please suggest how I can solve this issue?
If I understand correctly your reverse proxy is redirecting all requests to the SSO URL.
Assuming you run_bundle.py script is using the public API you will need to request your IT to modify the reverse proxy configuration to allow for direct access to the Public API base URL: http://dss_host:dss_port/public/api/ without the redirect to the SSO page for the API calls to work. To further restrict this as needed in the reverse proxy config s based on source IP, if the source IP is Design/Deployer node.
Hope this helps!
Now I see we can only authenticate via apikey. Is there an alternative to use userid/password. I was thinking of a possible solution from my end.
For exposing api url without proxy redirect might not be an option at my organization. Do we have to modify any thing on design node to create this new end point "/public/api/ ".
Indeed only API key authentication using Basic Auth is possible for both REST and Python API.
Any API call made via the python API or rest API would typically go to the base URL http://dss_host:dss_port/public/api/, hence if you can exclude redirects for this path only between Design-> Automation it should unblock you. No additional configuration is required other than creating the API key.