Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Moving from flytepropeller - Introduces new "env_var" and "file" fields to Secret to allow specifying name/mountPath on injection #minor #4156

Conversation

eapolinario
Copy link
Contributor

TL;DR

Introduces new fields to the Secret object:

  • env_var
  • file

Allowing users to directly specify a name or mountPath for the Secret, without having to specify a full PodTemplate(name). The old mount_requirement can still be used. Example:

from flytekit import task, workflow, Secret
import flytekit
import os


@task(
    secret_requests=[
        Secret(
            group="user-info",
            key="user_secret",
            mount_requirement=Secret.MountType.FILE,
        ),
        Secret(
            group="user-info",
            key="user_secret",
            mount_requirement=Secret.MountType.ENV_VAR,
        ),
    ]
)
def old() -> None:
    context = flytekit.current_context()
    print("old")

    # mount_requirement=ENV_VAR
    print(context.secrets.get(env_name="_FSEC_USER-INFO_USER_SECRET"))

    # mount_requirement=FILE
    with open('/etc/flyte/secrets/user-info/user_secret', 'r') as infile:
        print(infile.readlines())
    return True

@task(
    secret_requests=[
        Secret(
            group="user-info",
            key="user_secret",
            env_var=Secret.MountEnvVar(name="foo"),
        ),
        Secret(
            group="user-info",
            key="user_secret",
            file=Secret.MountFile(path="/foo"),
        ),
    ]
)

def new() -> None:
    context = flytekit.current_context()
    print("new")

    # env_var=
    print(context.secrets.get(env_name="foo"))

    # file=
    with open('/foo/user_secret', 'r') as infile:
        print(infile.readlines())


@workflow
def training_workflow(hyperparameters: dict) -> None:
    """Put all of the steps together into a single workflow."""
    old()
    new()

Type

  • Bug Fix
  • Feature
  • Plugin

Are all requirements met?

  • Code completed
  • Smoke tested
  • Unit tests added
  • Code documentation added
  • Any pending items have an associated Issue

Complete description

How did you fix the bug, make the feature etc. Link to any design docs etc

Tracking Issue

fixes #3053

Follow-up issue

NA

Linked PRs

gpgn and others added 6 commits July 8, 2023 18:30
Signed-off-by: Geert Pingen <[email protected]>
Signed-off-by: Geert Pingen <[email protected]>
Signed-off-by: Geert Pingen <[email protected]>
Signed-off-by: Geert Pingen <[email protected]>
Signed-off-by: Eduardo Apolinario <[email protected]>
@codecov
Copy link

codecov bot commented Oct 3, 2023

Codecov Report

All modified lines are covered by tests ✅

Comparison is base (d9586b0) 58.98% compared to head (abff384) 61.41%.

❗ Current head abff384 differs from pull request most recent head a9691eb. Consider uploading reports for the commit a9691eb to get more accurate results

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #4156      +/-   ##
==========================================
+ Coverage   58.98%   61.41%   +2.42%     
==========================================
  Files         619      372     -247     
  Lines       52804    26643   -26161     
==========================================
- Hits        31146    16362   -14784     
+ Misses      19174     8675   -10499     
+ Partials     2484     1606     -878     
Flag Coverage Δ
unittests ?

Flags with carried forward coverage won't be shown. Click here to find out more.

see 581 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[Core feature] control ENV var name for injected secrets
2 participants