How to deploy DABs from GitHub actions without secrets (Databricks-only Service Principal)

You've built your Databricks solution that has to be deployed. But how do you do it securely without storing secrets? In this episode, I walk you through connecting GitHub Actions to Azure Databricks using a DBX-only Service Principal and workload identity federation (OIDC). No secrets, no passwords, no real user accounts. Just a modern, secure approach used in real-world data platforms. ▬▬▬▬▬▬ IMPORTANT LINKS ▬▬▬▬▬▬ My LinkedIn profile: https://www.linkedin.com/in/piotr-tybulewicz-81a8793/ My GitHub with drawings and source code (available only to Senior Data Engineer members): https://github.com/TybulOnAzure/Senior-Data-Engineer ▬▬▬▬▬▬ SUPPORTING MY CHANNEL ▬▬▬▬▬▬ Buy me a coffee (or beer): https://buymeacoffee.com/piotrv Join this channel to get access to perks: https://www.youtube.com/channel/UCLnXq-Fr-6rAsCitq9nYiGg/join ▬▬▬▬▬▬ CHAPTERS ▬▬▬▬▬▬ 00:00 Introduction 00:27 Scenario 03:15 Implementation 16:19 Trying to be smart 18:07 Summary