Skip to content

Add marketplace-provisioning app#732

Open
michellejm wants to merge 3 commits intodatabrickslabs:mainfrom
michellejm:marketplace-provisioning
Open

Add marketplace-provisioning app#732
michellejm wants to merge 3 commits intodatabrickslabs:mainfrom
michellejm:marketplace-provisioning

Conversation

@michellejm
Copy link
Copy Markdown

@michellejm michellejm commented Apr 21, 2026

Summary

Adds marketplace-provisioning/ — a Databricks App that provisions Genie spaces and Unity Catalog datasets for Marketplace / Free Edition users. Players pick a business-mystery scenario and the app creates a catalog, tables, volumes, and a configured Genie space in their workspace, then scores submitted solutions against expected evidence.

  • FastAPI backend + React/Vite frontend, bundled static assets committed
  • Service-principal-only auth via databricks.sdk.WorkspaceClient (no PAT storage, no on-behalf-of-user)
  • Unity Catalog identifier validation + parameterized SQL throughout the provisioner
  • Self-contained scoring (keyword-based, no LLM dependency)
  • Marketplace-schema manifest.yaml and minimal app.yaml

Test plan

  • Deploy via databricks bundle deploy to a Free Edition workspace
  • Create a scenario end-to-end (catalog + tables + Genie space)
  • Submit a solution and verify scoring
  • Confirm no external network calls and no PAT in logs

This pull request and its description were written by Isaac.

Michelle McSweeney added 3 commits April 21, 2026 15:22
Add marketplace-provisioning app
46d9c2b 
Game + Genie provisioner for Marketplace/Free Edition users. Flask
backend (app.py, provisioner.py) plus React/Vite frontend and
scenarios data.

Co-authored-by: Isaac
Add marketplace-provisioning README frontmatter and CODEOWNERS entry
3616fa1 
Per CONTRIBUTING.md requirements for new experiments.

Co-authored-by: Isaac
Security hardening and Marketplace-readiness pass on marketplace-prov…
b5db2c0 
…isioning

- Enforce service-principal-only auth in provisioner.get_auth (no DATABRICKS_TOKEN fallback)
- Validate all Unity Catalog identifiers via _check_ident / _check_dotted_ident before SQL interpolation
- Fix profanity filter substring bug (word-boundary match instead of "in" check)
- Cap in-memory provisioning status dict to prevent unbounded growth
- Sanitize user-facing error messages; log full tracebacks server-side only
- Remove dead code: get_current_user(), init_db UNIQUE migration, Leaderboard UI + api stubs + types + CSS
- Strip stale warehouse_id from all scenario genie_space.json files
- Rewrite manifest.yaml to Marketplace schema (version, name, description, user_api_scopes)
- Drop serving_endpoint resource from databricks.yml
- Expand SECURITY.md with auth model, scope rationale, and input-validation notes
- Rebuild frontend bundle

Co-authored-by: Isaac
@michellejm michellejm requested a review from a team as a code owner April 21, 2026 19:45
@michellejm michellejm requested a review from nsenno-dbr April 21, 2026 19:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nsenno-dbr nsenno-dbr Awaiting requested review from nsenno-dbr nsenno-dbr is a code owner automatically assigned from databrickslabs/sandbox-write

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@michellejm