-
Notifications
You must be signed in to change notification settings - Fork 61
Introduces new "env_var" and "file" fields to Secret to allow specifying name/mountPath on injection #423
base: master
Are you sure you want to change the base?
Conversation
Thank you for opening this pull request! 🙌 These tips will help get your PR across the finish line:
|
…injection if exists Signed-off-by: Geert Pingen <geertpingen@gmail.com>
Signed-off-by: Geert Pingen <geertpingen@gmail.com>
bf435bf
to
70573b1
Compare
Signed-off-by: Geert Pingen <geertpingen@gmail.com>
Codecov Report
@@ Coverage Diff @@
## master #423 +/- ##
==========================================
+ Coverage 75.92% 78.48% +2.55%
==========================================
Files 18 18
Lines 1458 1250 -208
==========================================
- Hits 1107 981 -126
+ Misses 294 212 -82
Partials 57 57
Flags with carried forward coverage won't be shown. Click here to find out more. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, could you resolve a merge conflict
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is great. I want to call out though that this change needs to be both forward and backwards compatible. That is,
- people on newer versions of the flyte backend (like upgrade propeller/admin/etc after these PRs are merged) but old versions of flytekit should continue to work, and
- people on existing versions of flyte backend (those who do not upgrade propeller/admin/etc with these PRs) but who do upgrade flytekit, should continue to work.
// +optional | ||
oneof mount_target { | ||
MountEnvVar env_var = 5; | ||
MountFile file = 6; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
since the existing MountType
enum was only used in the mount_requirement
field, it'd be effectively deprecated as well right? Can we add the flag there as well?
Also since the existing enum had an Any concept, should we add that as well to the one of?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nm - let's ignore this comment
MountFile file = 6; | ||
} | ||
|
||
// The name of the environment variable if the Secret is injected as environment variable. If ommitted, the default |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// The name of the environment variable if the Secret is injected as environment variable. If ommitted, the default | |
// The name of the environment variable if the Secret is injected as environment variable. If |
} | ||
|
||
// The name of the environment variable if the Secret is injected as environment variable. If ommitted, the default | ||
// FLYTE_SECRETS_ENV_PREFIX prefix will be used. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// FLYTE_SECRETS_ENV_PREFIX prefix will be used. | |
// MountEnvVar is supplied with an empty string, FLYTE_SECRETS_ENV_PREFIX prefix will be used. |
} | ||
|
||
// The path where the Secret will be mounted. The execution will fail if the underlying key management system cannot | ||
// satisfy that requirement. If not provided, the default location will depend on the key management system. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// satisfy that requirement. If not provided, the default location will depend on the key management system. | |
// satisfy that requirement. If provided with an empty string, the default location will depend on the key management system. |
TL;DR
Introduces new fields to the
Secret
object:env_var
file
Allowing users to directly specify a name or mountPath for the Secret, without having to specify a full PodTemplate(name). The old
mount_requirement
can still be used. Example:Type
Are all requirements met?
Complete description
How did you fix the bug, make the feature etc. Link to any design docs etc
Tracking Issue
fixes flyteorg/flyte#3053
Follow-up issue
NA
Linked PRs