John Horn
03/28/2023, 3:04 PMredsquare
03/28/2023, 3:10 PMJohn Horn
03/28/2023, 4:08 PMinfra_overrides={
"customizations": [
{
"op": "add",
"path": "/spec/template/spec/imagePullSecrets",
"value": [],
},
{
"op": "add",
"path": "/spec/template/spec/imagePullSecrets/0",
"value": {"name": "foo_password_env_var"},
},
],
},
redsquare
03/28/2023, 4:10 PMinfra_overrides={
"customizations": [
"op": "add",
"path": "/spec/template/spec/containers/0/envFrom/-",
"value": {
"secretRef": {
"name": secret.lower()
}
}}
]
}
# Load an already created K8s Block
k8sjob = k8s_job.load("devk8s")
deployment = Deployment.build_from_flow(
flow=my_flow,
name="s3-example",
version=2,
work_queue_name="aws",
infrastructure=k8sjob,
storage=storage,
infra_overrides=infra_overrides,
)
deployment.apply()
John Horn
03/28/2023, 4:46 PMdeployment = Deployment.build_from_flow(
name=deployment_name,
flow=foo_flow,
work_queue_name="kubernetes",
parameters={
"foo_param": "foo_value"
},
storage=gcs_block,
infrastructure=KubernetesJob(
namespace='foo_namespace',
image='foo_image',
image_pull_policy = KubernetesImagePullPolicy.IF_NOT_PRESENT,
infra_overrides={
"customizations": [
{
"op": "add",
"path": "/spec/template/spec/containers/0/envFrom/-",
"value": {
"secretRef": {
"name": "foo_password_env_var"
}
}
}
]
},
)
)
deployment.apply()
redsquare
03/28/2023, 4:47 PMdeployment = Deployment.build_from_flow(
name=deployment_name,
flow=foo_flow,
work_queue_name="kubernetes",
parameters={
"foo_param": "foo_value"
},
storage=gcs_block,
infrastructure=KubernetesJob(
namespace='foo_namespace',
image='foo_image',
image_pull_policy = KubernetesImagePullPolicy.IF_NOT_PRESENT
),
infra_overrides={
"customizations": [
{
"op": "add",
"path": "/spec/template/spec/containers/0/envFrom/-",
"value": {
"secretRef": {
"name": "foo_password_env_var"
}
}
}
]
}
)
deployment.apply()
John Horn
03/28/2023, 5:55 PMjsonpointer.JsonPointerException: member 'envFrom' not found in {'env': [{'name': 'PREFECT_API_URL', 'value': '<https://api.prefect.cloud/api/accounts/foo/workspaces/foo>'}, {'name': 'PREFECT_API_KEY', 'value': 'foo\n'}, {'name': 'PREFECT__FLOW_RUN_ID', 'value': 'foo'}], 'name': 'prefect-job', 'image': 'foo-image', 'imagePullPolicy': 'IfNotPresent', 'args': ['python', '-m', 'prefect.engine']}
redsquare
03/28/2023, 5:57 PMJohn Horn
03/28/2023, 6:00 PMredsquare
03/28/2023, 6:04 PMJohn Horn
03/28/2023, 6:24 PM"path": "/spec/template/spec/containers/0/envFrom/-",
"path": "/spec/template/spec/containers/0/envFrom/",
"path": "/spec/template/spec/containers/0/envFrom",
"path": "/spec/template/spec/containers/0/envFrom/0",
18:17:08.802 | ERROR | prefect.agent - Failed to submit flow run '0b48b2ff-4b5f-4146-973b-d817ce37d096' to infrastructure.
Traceback (most recent call last):
File "/usr/local/lib/python3.8/site-packages/jsonpointer.py", line 288, in walk
return doc[part]
KeyError: 'envFrom'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.8/site-packages/prefect/agent.py", line 484, in _submit_run_and_capture_errors
result = await infrastructure.run(task_status=task_status)
File "/usr/local/lib/python3.8/site-packages/prefect/infrastructure/kubernetes.py", line 300, in run
manifest = self.build_job()
File "/usr/local/lib/python3.8/site-packages/prefect/events/instrument.py", line 73, in inner
raise exc
File "/usr/local/lib/python3.8/site-packages/prefect/events/instrument.py", line 70, in inner
return function(self, *args, **kwargs)
File "/usr/local/lib/python3.8/site-packages/prefect/infrastructure/kubernetes.py", line 360, in build_job
job_manifest = self.customizations.apply(job_manifest)
File "/usr/local/lib/python3.8/site-packages/jsonpatch.py", line 669, in apply
obj = operation.apply(obj)
File "/usr/local/lib/python3.8/site-packages/jsonpatch.py", line 272, in apply
subobj, part = self.pointer.to_last(obj)
File "/usr/local/lib/python3.8/site-packages/jsonpointer.py", line 196, in to_last
doc = self.walk(doc, part)
File "/usr/local/lib/python3.8/site-packages/jsonpointer.py", line 291, in walk
raise JsonPointerException("member '%s' not found in %s" % (part, doc))
jsonpointer.JsonPointerException: member 'envFrom' not found in {'env':
redsquare
03/28/2023, 6:26 PMJohn Horn
03/28/2023, 6:29 PMredsquare
03/28/2023, 6:30 PMJohn Horn
03/28/2023, 6:30 PMredsquare
03/28/2023, 6:30 PMinfrastructure=KubernetesJob(
namespace='foo_namespace',
image='foo_image',
image_pull_policy = KubernetesImagePullPolicy.IF_NOT_PRESENT
),
generatesJohn Horn
03/28/2023, 7:02 PMinfra_overrides:
customizations:
- op: add
path: /spec/template/spec/containers/0/envFrom
value:
secretRef:
name: foo_pass
infrastructure:
type: kubernetes-job
env: {}
labels: {}
name: null
command: null
image: foo-image
namespace: foo-namespace
service_account_name: null
image_pull_policy: IfNotPresent
cluster_config: null
job:
apiVersion: batch/v1
kind: Job
metadata:
labels: {}
spec:
template:
spec:
parallelism: 1
completions: 1
restartPolicy: Never
containers:
- name: prefect-job
env: []
customizations: []
job_watch_timeout_seconds: null
pod_watch_timeout_seconds: 60
stream_output: true
finished_job_ttl: null
block_type_slug: kubernetes-job
_block_type_slug: kubernetes-job
infrastructure=KubernetesJob(
namespace='foo_namespace',
image='foo_image',
image_pull_policy = KubernetesImagePullPolicy.IF_NOT_PRESENT
),
gives me back:
job:
apiVersion: batch/v1
kind: Job
metadata:
labels: {}
spec:
template:
spec:
parallelism: 1
completions: 1
restartPolicy: Never
containers:
- name: prefect-job
env: []
customizations: []
job_watch_timeout_seconds: null
pod_watch_timeout_seconds: 60
stream_output: true
finished_job_ttl: null
block_type_slug: kubernetes-job
_block_type_slug: kubernetes-job
redsquare
03/28/2023, 7:19 PM'envFrom' not found in {'env': [{'name': 'PREFECT_API_URL', 'value': '<https://api.prefect.cloud/api/accounts/foo/workspaces/foo>'}, {'name': 'PREFECT_API_KEY', 'value': 'foo\n'}, {'name': 'PREFECT__FLOW_RUN_ID', 'value': 'foo'}], 'name': 'prefect-job', 'image': 'foo-image', 'imagePullPolicy': 'IfNotPresent', 'args': ['python', '-m', 'prefect.engine']}
John Horn
03/28/2023, 7:21 PMredsquare
03/28/2023, 7:22 PMChristopher Boyd
03/28/2023, 7:59 PM{
"env": [
{
"name": "SECRET_NAME",
"valueFrom": {
"secretKeyRef": {
"name": "key_name",
"key": "key_key"
}
}
}
]
}
redsquare
03/28/2023, 8:04 PMChristopher Boyd
03/28/2023, 8:05 PM/spec/template/spec/containers/0/env/-
, you can do something like:
[
{
"op": "add",
"path": "/spec/template/spec/containers/0/env/-",
"value": {
"name": "MY_SECRET",
"valueFrom": {
"secretKeyRef": {
"name": "my-secret",
"key": "my-secret-key"
}
}
}
}
]
redsquare
03/28/2023, 8:08 PMChristopher Boyd
03/28/2023, 8:10 PMredsquare
03/28/2023, 8:11 PMJohn Horn
03/29/2023, 12:04 AMkubectl get pod POD_ID -o yaml
as far as dynamic variables I'm not sure if those would be able to pull from the cluster as well. I think for my purpose of grabbing secrets from the cluster one would still have to do the below but no json patch needed since it would be in the base manifest
this worked btw:
infra_overrides={
"customizations": [
{
"op": "add",
"path": "/spec/template/spec/containers/0/env/-",
"value": {
"name": "foo_password_env_var",
"valueFrom": {
"secretKeyRef": {
"name": "prefect-secrets",
"key": "foo-password",
}
}
}
},
]
}
redsquare
03/29/2023, 5:23 AM