Github user weand commented on the issue:
https://github.com/apache/zeppelin/pull/2925
The notebook now runs successfully after restart with the user who enabled
the scheduler.
2 remaining issues:
1) user1 schedules the cron. then the note is executed via cron with
'user1' only as long as nobody else runs the note. as soon as 'user2' runs the
note manually, the cron will also use 'user2' from that time on. Endusers would
expect the cron will always run as 'user1'.
2) One more valid but yet uncovered use case left in my mind (dealing with
permissions):
- interpreter permissions have been set only for groups (e.g. DepartmentA
should be allowed to run spark interpreter)
- user created note with %spark interpreter and schedules a cron
- now when cron runs, **only username is added to authentication info.
groups of the user (e.g. DepartmentA in that example) are omitted** and the
notebook fails with an error, that **user 'xyz' has no permission for running
the interpreter**.
any chance to fix that case as well?
I think of something like introducing cronExecutingRoles (in addition to
cronExecutingUser) and adding all roles of the user who enables the cron to
that config property. And then when a cron runs, all that roles are added to
the corresponding authentication info.
---
