When trying to create a deployment with Git and Do...
# prefect-getting-startedj
Jack Goslin
12/03/2023, 12:43 AMWhen trying to create a deployment with Git and Docker, the deploy process asks for the repo URL and the "token". What exactly is it looking for? Is that a personal access token or the private deploy key for the repo? I keep getting this no matter what I try:
RuntimeError: Failed to clone repository 'git@github.com:premiere65201/hq_integration.git' with exit code 128.Jack Goslin
12/03/2023, 12:43 AMprefect.yaml:
Copy code
# Generic metadata about this project
name: hq_integration
prefect-version: 2.14.9
# build section allows you to manage and build docker images
build:
- prefect_docker.deployments.steps.build_docker_image:
requires: prefect-docker>=0.3.1
id: build-image
dockerfile: auto
image_name: prefecthq/prefect
tag: 2-python3.10
# push section allows you to manage if and how this project is uploaded to remote locations
push: null
# pull section allows you to provide instructions for cloning this project in remote locations
pull:
- prefect.deployments.steps.git_clone:
repository: git@github.com:premiere65201/hq_integration.git
branch: main
access_token: '{{ prefect.blocks.secret.deployment-hq-api-int-deployment-hq-integration-repo-token
}}'
# the deployments section allows you to provide configuration for deploying flows
deployments:
- name: hq-api-int-deployment
version: null
tags: []
description: null
entrypoint: main.py:main
parameters: {}
work_pool:
name: ec2-pool
work_queue_name: null
job_variables:
image: '{{ build-image.image }}'
schedule: nullJack Goslin
12/03/2023, 12:49 AMThis yaml is in the repository that I cloned manually, so I know this EC2 instance itself has access to it.
k
Kevin Grismore
12/03/2023, 2:02 AMHi Jack! I'm using a personal access token with the repo access scope. I think this might be happening because of the address here:
repository: git@github.com:premiere65201/hq_integration.git<https://github.com/premiere65201/hq_integration.git>Kevin Grismore
12/03/2023, 2:11 AMalso, if your intent is to start your flow run on prefect's base image and then clone your git repo into it, you can leave your build step empty and set the image by name in the job variables. just checking though!
j
Jack Goslin
12/03/2023, 2:37 AMThanks! I didn't realize you could pass the token like that for https - I've been using SSH since their changeover.
So is this link wrong or does it only work for public repositories?
k
Kevin Grismore
12/03/2023, 2:39 AMif you're using the SSH address for the repo, the SSH key needs to already be available on the worker, in which case you shouldn't pass a token or other form of credentials
👍 1
j
Jack Goslin
12/03/2023, 2:52 AMI'm getting farther 😄 In my script I'm pulling credentials from Secrets Manager which requires a credentials file. Can I push a file into that container without the file being in my repo? Or do I have to store everything in blocks and reference those in the script?
k
Kevin Grismore
12/03/2023, 2:56 AMIf you build your own image, you can put anything you want in it, but in my opinion using an AWS Credentials block is the much easier route, since then you can make AwsSecret block with the nested credentials block in it and grab your secret with minimal code:
Copy code
secrets_manager = AwsSecret.load("MY_BLOCK")
secrets_manager.read_secret()Kevin Grismore
12/03/2023, 2:57 AMj
Jack Goslin
12/03/2023, 2:58 AMAwesome, I'll try that tomorrow. Thanks again!
k
Kevin Grismore
12/03/2023, 2:58 AMhappy to help!
j
Jack Goslin
12/04/2023, 12:47 AMThanks to you, I finally got my first successful flow run without using sample code! 😭
It took about 80 hours, but Mysterious Orca will live on in my heart forever
💙 2
prefect logo 1
k
Kevin Grismore
12/04/2023, 12:55 AMThank you for persevering through all the challenges and learning to get here! Time to set that next goal and start again 😌
10 Views