mirror of
https://github.com/open-metadata/OpenMetadata.git
synced 2025-07-17 06:03:47 +00:00
333 lines
11 KiB
Markdown
333 lines
11 KiB
Markdown
---
|
|
title: Run Superset Connector using the CLI
|
|
slug: /connectors/dashboard/superset/cli
|
|
---
|
|
|
|
# Run Superset using the metadata CLI
|
|
|
|
In this section, we provide guides and references to use the Superset connector.
|
|
|
|
Configure and schedule Superset metadata and profiler workflows from the OpenMetadata UI:
|
|
- [Requirements](#requirements)
|
|
- [Metadata Ingestion](#metadata-ingestion)
|
|
|
|
## Requirements
|
|
|
|
<InlineCallout color="violet-70" icon="description" bold="OpenMetadata 0.12 or later" href="/deployment">
|
|
To deploy OpenMetadata, check the <a href="/deployment">Deployment</a> guides.
|
|
</InlineCallout>
|
|
|
|
To run the Ingestion via the UI you'll need to use the OpenMetadata Ingestion Container, which comes shipped with
|
|
custom Airflow plugins to handle the workflow deployment.
|
|
|
|
The ingestion also works with Superset 2.0.0 🎉
|
|
|
|
<Note>
|
|
|
|
**API Connection**: To extract metadata from Superset via API, user must have at least `can read on Chart` & `can read on Dashboard` permissions.
|
|
|
|
<br/>
|
|
|
|
**Database Connection**: To extract metadata from Superset via MySQL or Postgres database, database user must have at least `SELECT` priviledge on `dashboards` & `slices` tables within superset schema.
|
|
|
|
</Note>
|
|
|
|
|
|
### Python Requirements
|
|
|
|
To run the Superset ingestion, you will need to install:
|
|
|
|
```bash
|
|
pip3 install "openmetadata-ingestion[superset]"
|
|
```
|
|
|
|
## Metadata Ingestion
|
|
|
|
All connectors are defined as JSON Schemas.
|
|
[Here](https://github.com/open-metadata/OpenMetadata/blob/main/openmetadata-spec/src/main/resources/json/schema/entity/services/connections/dashboard/supersetConnection.json)
|
|
you can find the structure to create a connection to Superset.
|
|
|
|
In order to create and run a Metadata Ingestion workflow, we will follow
|
|
the steps to create a YAML configuration able to connect to the source,
|
|
process the Entities if needed, and reach the OpenMetadata server.
|
|
|
|
The workflow is modeled around the following
|
|
[JSON Schema](https://github.com/open-metadata/OpenMetadata/blob/main/openmetadata-spec/src/main/resources/json/schema/metadataIngestion/workflow.json)
|
|
|
|
### 1. Define the YAML Config
|
|
|
|
This is a sample config for Superset:
|
|
|
|
```yaml
|
|
source:
|
|
type: superset
|
|
serviceName: local_superset
|
|
serviceConnection:
|
|
config:
|
|
type: Superset
|
|
hostPort: http://localhost:8088
|
|
connection:
|
|
# For Superset API Connection
|
|
username: admin
|
|
password: admin
|
|
provider: db # or provider: ldap
|
|
|
|
# For MySQL Connection
|
|
# type: Mysql
|
|
# username: <username>
|
|
# password: <password>
|
|
# hostPort: <hostPort>
|
|
# databaseSchema: superset
|
|
|
|
# For Postgres Connection
|
|
# type: Postgres
|
|
# username: username
|
|
# password: password
|
|
# hostPort: localhost:5432
|
|
# database: superset
|
|
|
|
sourceConfig:
|
|
config:
|
|
type: DashboardMetadata
|
|
# dbServiceNames:
|
|
# - service1
|
|
# - service2
|
|
# dashboardFilterPattern:
|
|
# includes:
|
|
# - dashboard1
|
|
# - dashboard2
|
|
# excludes:
|
|
# - dashboard3
|
|
# - dashboard4
|
|
# chartFilterPattern:
|
|
# includes:
|
|
# - chart1
|
|
# - chart2
|
|
# excludes:
|
|
# - chart3
|
|
# - chart4
|
|
sink:
|
|
type: metadata-rest
|
|
config: {}
|
|
workflowConfig:
|
|
# loggerLevel: DEBUG # DEBUG, INFO, WARN or ERROR
|
|
openMetadataServerConfig:
|
|
hostPort: <OpenMetadata host and port>
|
|
authProvider: <OpenMetadata auth provider>
|
|
```
|
|
|
|
#### Source Configuration - Service Connection
|
|
|
|
|
|
- **hostPort**: URL to the Superset instance.
|
|
- **connection**: Add the connection details to fetch metadata from Superset either through APIs or Database.
|
|
|
|
<Collapse title="Superset API Connection">
|
|
|
|
- **username**: Specify the User to connect to Superset. It should have enough privileges to read all the metadata.
|
|
- **password**: Password for Superset.
|
|
- **provider**: Authentication provider for the Superset service. For basic user/password authentication, the default value `db` can be used. This parameter is used internally to connect to Superset's REST API.
|
|
|
|
</Collapse>
|
|
|
|
<Collapse title="MySQL Connection">
|
|
|
|
- **username**: Specify the User to connect to MySQL. It should have enough privileges to read all the metadata.
|
|
- **password**: Password to connect to MySQL.
|
|
- **hostPort**: Enter the fully qualified hostname and port number for your MySQL deployment in the Host and Port field.
|
|
- **Connection Options (Optional)**: Enter the details for any additional connection options that can be sent to MySQL during the connection. These details must be added as Key-Value pairs.
|
|
- **Connection Arguments (Optional)**: Enter the details for any additional connection arguments such as security or protocol configs that can be sent to MySQL during the connection. These details must be added as Key-Value pairs.
|
|
- In case you are using Single-Sign-On (SSO) for authentication, add the `authenticator` details in the Connection Arguments as a Key-Value pair as follows: `"authenticator" : "sso_login_url"`
|
|
- In case you authenticate with SSO using an external browser popup, then add the `authenticator` details in the Connection Arguments as a Key-Value pair as follows: `"authenticator" : "externalbrowser"`
|
|
|
|
</Collapse>
|
|
|
|
<Collapse title="Postgres Connection">
|
|
|
|
- **username**: Specify the User to connect to Postgres. It should have enough privileges to read all the metadata.
|
|
- **password**: Password to connect to Postgres.
|
|
- **hostPort**: Enter the fully qualified hostname and port number for your Postgres deployment in the Host and Port field.
|
|
- **Connection Options (Optional)**: Enter the details for any additional connection options that can be sent to Postgres during the connection. These details must be added as Key-Value pairs.
|
|
- **Connection Arguments (Optional)**: Enter the details for any additional connection arguments such as security or protocol configs that can be sent to Postgres during the connection. These details must be added as Key-Value pairs.
|
|
- In case you are using Single-Sign-On (SSO) for authentication, add the `authenticator` details in the Connection Arguments as a Key-Value pair as follows: `"authenticator" : "sso_login_url"`
|
|
- In case you authenticate with SSO using an external browser popup, then add the `authenticator` details in the Connection Arguments as a Key-Value pair as follows: `"authenticator" : "externalbrowser"`
|
|
|
|
</Collapse>
|
|
|
|
#### Source Configuration - Source Config
|
|
|
|
The `sourceConfig` is defined [here](https://github.com/open-metadata/OpenMetadata/blob/main/openmetadata-spec/src/main/resources/json/schema/metadataIngestion/dashboardServiceMetadataPipeline.json):
|
|
|
|
- `dbServiceNames`: Database Service Name for the creation of lineage, if the source supports it.
|
|
- `dashboardFilterPattern` and `chartFilterPattern`: Note that the `dashboardFilterPattern` and `chartFilterPattern` both support regex as include or exclude. E.g.,
|
|
|
|
```yaml
|
|
dashboardFilterPattern:
|
|
includes:
|
|
- users
|
|
- type_test
|
|
```
|
|
|
|
#### Sink Configuration
|
|
|
|
To send the metadata to OpenMetadata, it needs to be specified as `type: metadata-rest`.
|
|
|
|
#### Workflow Configuration
|
|
|
|
The main property here is the `openMetadataServerConfig`, where you can define the host and security provider of your OpenMetadata installation.
|
|
|
|
For a simple, local installation using our docker containers, this looks like:
|
|
|
|
```yaml
|
|
workflowConfig:
|
|
openMetadataServerConfig:
|
|
hostPort: 'http://localhost:8585/api'
|
|
authProvider: openmetadata
|
|
securityConfig:
|
|
jwtToken: '{bot_jwt_token}'
|
|
```
|
|
|
|
We support different security providers. You can find their definitions [here](https://github.com/open-metadata/OpenMetadata/tree/main/openmetadata-spec/src/main/resources/json/schema/security/client).
|
|
You can find the different implementation of the ingestion below.
|
|
|
|
<Collapse title="Configure SSO in the Ingestion Workflows">
|
|
|
|
### Openmetadata JWT Auth
|
|
|
|
```yaml
|
|
workflowConfig:
|
|
openMetadataServerConfig:
|
|
hostPort: 'http://localhost:8585/api'
|
|
authProvider: openmetadata
|
|
securityConfig:
|
|
jwtToken: '{bot_jwt_token}'
|
|
```
|
|
|
|
### Auth0 SSO
|
|
|
|
```yaml
|
|
workflowConfig:
|
|
openMetadataServerConfig:
|
|
hostPort: 'http://localhost:8585/api'
|
|
authProvider: auth0
|
|
securityConfig:
|
|
clientId: '{your_client_id}'
|
|
secretKey: '{your_client_secret}'
|
|
domain: '{your_domain}'
|
|
```
|
|
|
|
### Azure SSO
|
|
|
|
```yaml
|
|
workflowConfig:
|
|
openMetadataServerConfig:
|
|
hostPort: 'http://localhost:8585/api'
|
|
authProvider: azure
|
|
securityConfig:
|
|
clientSecret: '{your_client_secret}'
|
|
authority: '{your_authority_url}'
|
|
clientId: '{your_client_id}'
|
|
scopes:
|
|
- your_scopes
|
|
```
|
|
|
|
### Custom OIDC SSO
|
|
|
|
```yaml
|
|
workflowConfig:
|
|
openMetadataServerConfig:
|
|
hostPort: 'http://localhost:8585/api'
|
|
authProvider: custom-oidc
|
|
securityConfig:
|
|
clientId: '{your_client_id}'
|
|
secretKey: '{your_client_secret}'
|
|
domain: '{your_domain}'
|
|
```
|
|
|
|
### Google SSO
|
|
|
|
```yaml
|
|
workflowConfig:
|
|
openMetadataServerConfig:
|
|
hostPort: 'http://localhost:8585/api'
|
|
authProvider: google
|
|
securityConfig:
|
|
secretKey: '{path-to-json-creds}'
|
|
```
|
|
|
|
### Okta SSO
|
|
|
|
```yaml
|
|
workflowConfig:
|
|
openMetadataServerConfig:
|
|
hostPort: http://localhost:8585/api
|
|
authProvider: okta
|
|
securityConfig:
|
|
clientId: "{CLIENT_ID - SPA APP}"
|
|
orgURL: "{ISSUER_URL}/v1/token"
|
|
privateKey: "{public/private keypair}"
|
|
email: "{email}"
|
|
scopes:
|
|
- token
|
|
```
|
|
|
|
### Amazon Cognito SSO
|
|
|
|
The ingestion can be configured by [Enabling JWT Tokens](https://docs.open-metadata.org/deployment/security/enable-jwt-tokens)
|
|
|
|
```yaml
|
|
workflowConfig:
|
|
openMetadataServerConfig:
|
|
hostPort: 'http://localhost:8585/api'
|
|
authProvider: auth0
|
|
securityConfig:
|
|
clientId: '{your_client_id}'
|
|
secretKey: '{your_client_secret}'
|
|
domain: '{your_domain}'
|
|
```
|
|
|
|
### OneLogin SSO
|
|
|
|
Which uses Custom OIDC for the ingestion
|
|
|
|
```yaml
|
|
workflowConfig:
|
|
openMetadataServerConfig:
|
|
hostPort: 'http://localhost:8585/api'
|
|
authProvider: custom-oidc
|
|
securityConfig:
|
|
clientId: '{your_client_id}'
|
|
secretKey: '{your_client_secret}'
|
|
domain: '{your_domain}'
|
|
```
|
|
|
|
### KeyCloak SSO
|
|
|
|
Which uses Custom OIDC for the ingestion
|
|
|
|
```yaml
|
|
workflowConfig:
|
|
openMetadataServerConfig:
|
|
hostPort: 'http://localhost:8585/api'
|
|
authProvider: custom-oidc
|
|
securityConfig:
|
|
clientId: '{your_client_id}'
|
|
secretKey: '{your_client_secret}'
|
|
domain: '{your_domain}'
|
|
```
|
|
|
|
</Collapse>
|
|
|
|
|
|
### 2. Run with the CLI
|
|
|
|
First, we will need to save the YAML file. Afterward, and with all requirements installed, we can run:
|
|
|
|
```bash
|
|
metadata ingest -c <path-to-yaml>
|
|
```
|
|
|
|
Note that from connector to connector, this recipe will always be the same. By updating the YAML configuration,
|
|
you will be able to extract metadata from different sources.
|
|
|