-
Notifications
You must be signed in to change notification settings - Fork 300
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Introduces new "env_var" and "file" fields to Secret to allow specifying name/mountPath on injection #1726
base: master
Are you sure you want to change the base?
Conversation
Signed-off-by: Geert Pingen <[email protected]>
…injection if exists Signed-off-by: Geert Pingen <[email protected]>
Signed-off-by: Geert Pingen <[email protected]>
Thank you for opening this pull request! 🙌 These tips will help get your PR across the finish line:
|
Signed-off-by: Geert Pingen <[email protected]>
Signed-off-by: Geert Pingen <[email protected]>
2154a2d
to
6a59568
Compare
Guessing the builds/readthedocs check fails because this change has a dependency on flyteorg/flyteidl#423 |
Signed-off-by: Geert Pingen <[email protected]>
@@ -35,10 +36,42 @@ class MountType(Enum): | |||
Caution: May not be supported in all environments | |||
""" | |||
|
|||
@dataclass |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
actually i would love to move away from these model classes. The Secret
object will be a mixed bag, but I think that's okay. Could we just use the raw pb generated classes for the new fields?
(background: we wrote the model files before there were .pyi files, so nothing had type hints, field hints and it made things easier to use. but now we do have them with pyi files)
if group is None or group == "": | ||
raise ValueError("secrets group is a mandatory field.") | ||
|
||
@staticmethod | ||
def check_env_name_key(env_name: Optional[str] = None): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
def check_env_name_key(env_name: Optional[str] = None): | |
def assert_env_name_key(env_name: Optional[str] = None): |
self.check_group_key(group) | ||
env_var = self.get_secrets_env_var(group, key, group_version) | ||
fpath = self.get_secrets_file(group, key, group_version) | ||
self.check_env_name_key(env_name) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
self.check_env_name_key(env_name) | |
self.assert_env_name_key(env_name) |
""" | ||
Returns a string that matches the ENV Variable to look for the secrets | ||
""" | ||
self.check_env_name_key(env_name) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is this redundant?
@@ -384,10 +404,15 @@ def get_secrets_file(self, group: str, key: Optional[str] = None, group_version: | |||
return os.path.join(self._base_dir, *l) | |||
|
|||
@staticmethod | |||
def check_group_key(group: str): | |||
def check_group_key(group: Optional[str] = None): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should we delete this function completely? it's no longer needed right?
Is there a way here to make API transitions more seamless? For example, rather than introducing new fields (ie.
We could use new variable types for |
@gpgn mind giving me write access to your fork so I can continue this pr? |
@gpgn Do you have any chance to update this PR? I'd like to move this forward. |
Yeah sure thing, I think I gave @wild-endeavor write access to the fork, but I can pick it up. It's been a while since I looked at this but would be a nice exercise to get familiar with the new monorepo setup 👍 |
I'm not sure what changed with the monorepo setup but I'm hitting many errors in setting up a development environment from the last time. I'll continue debugging but if others would like to take this in the mean time, please go ahead. |
@gpgn what type of errors? |
TL;DR
Introduces new fields to the
Secret
object:env_var
file
Allowing users to directly specify a name or mountPath for the Secret, without having to specify a full PodTemplate(name). The old
mount_requirement
can still be used. Example:Type
Are all requirements met?
Complete description
How did you fix the bug, make the feature etc. Link to any design docs etc
Tracking Issue
fixes flyteorg/flyte#3053
Follow-up issue
NA
Linked PRs