Raed
06/09/2021, 7:15 AMflow.run_configs = KubernetesRun(
image=<image>,
env={
"PREFECT__CONTEXT__SECRETS__BITBUCKET_ACCESS_TOKEN": os.environ[
"BITBUCKET_ACCESS_TOKEN"
]
},
image_pull_policy="Always",
)
flow.storage = Bitbucket(
project=<project>,
repo=<repo>,
path="flows/example_flow.py",
access_token_secret="BITBUCKET_ACCESS_TOKEN",
)
I get the following error on the UI
Failed to load and execute Flow's environment: ValueError('Local Secret "BITBUCKET_ACCESS_TOKEN" was not found.')
Wouldn't the access token secret have been set in the run config?
I also have the same environment variable in a custom docker image being used by the run configKevin Kho
Kevin Kho
prefect agent ____ start --env BITBUCKET_ACCESS_TOKEN=token
for the agent to be able to load the Flow from storage.Raed
06/09/2021, 4:43 PMRaed
06/09/2021, 4:47 PMKevin Kho
Raed
06/09/2021, 7:10 PMagent:
# enabled determines if the Prefect Kubernetes agent is deployed
enabled: true # So I dont have to manually start the agent and pass the variable
# prefectLabels defines what scheduling labels (not K8s labels) should
# be associated with the agent
prefectLabels: []
# image configures the container image for the agent deployment
image:
repository: <Private Image> # imaage contains BITBUCKET_ACCESS_TOKEN as an environemnt variable
tag: latest
pullPolicy: Always
pullSecrets: []
So if the image is being pulled after the flow is loaded, I could just use a universal executor given my values.yaml contains all the needed params?
flow.run_configs = KubernetesRun(
image="<Private Image>:latest",
)
Raed
06/09/2021, 7:14 PMagent:
enabled: true
does that mean running
prefect agent ____ start --env BITBUCKET_ACCESS_TOKEN=token
will be ignored? Because kubernetes already has an agent service?Kevin Kho
flow.run_config
instead of flow.run_configs
?Raed
06/09/2021, 8:46 PM[9 June 2021 4:44pm]: Failed to load and execute Flow's environment: ValueError('Local Secret "BITBUCKET_ACCESS_TOKEN" was not found.')
Any word on if the above values.yaml approach is alright? It'd be ideal to just have everything managed from within the helm chart, and would the above make the KubernetesRun object redundant?Kevin Kho
PREFECT__CONTEXT__SECRETS__BITBUCKET_ACCESS_TOKEN
, then yes you don’t need to start a new one with the command lineKevin Kho
BITBUCKET_ACCESS_TOKEN
in the environment instead of the other one.Raed
06/09/2021, 9:03 PMBITBUCKET_ACCESS_TOKEN
created an interactive shell onto the kubernetes agent, verified the key was correct with inside the pod
echo $BITBUCKET_ACCESS_TOKEN
but still get the same error
[9 June 2021 5:01pm]: Failed to load and execute Flow's environment: ValueError('Local Secret "BITBUCKET_ACCESS_TOKEN" was not found.')
Raed
06/09/2021, 9:05 PMBITBUCKET_ACCESS_TOKEN
to PREFECT__CONTEXT__SECRETS__BITBUCKET_ACCESS_TOKEN
?
In both
flow.run_config = KubernetesRun(
image=<private docker image>,
env={"PREFECT__CONTEXT__SECRETS__BITBUCKET_ACCESS_TOKEN": os.environ["KS_BITBUCKET_ACCESS_TOKEN"]},
)
& the docker image?Kevin Kho
Kevin Kho
Kevin Kho
Raed
06/09/2021, 9:09 PMKevin Kho
flow.run_config = KubernetesRun(
image=<image>,
env={
"BITBUCKET_ACCESS_TOKEN": os.environ[
"BITBUCKET_ACCESS_TOKEN"
]
},
image_pull_policy="Always",
)
flow.storage = Bitbucket(
project=<project>,
repo=<repo>,
path="flows/example_flow.py",
)
Raed
06/09/2021, 9:23 PM[9 June 2021 5:22pm]: Failed to load and execute Flow's environment: HTTPError('401 Client Error: Unauthorized for url:<URL>')
Also building an image with
PREFECT__CONTEXT__SECRETS__BITBUCKET_ACCESS_TOKEN
just in case, read somewhere that it expects all secrets in that format and would make sense why it's failing to find envKevin Kho
Raed
06/09/2021, 9:35 PMRaed
06/09/2021, 9:36 PMPREFECT__CONTEXT__SECRETS__BITBUCKET_ACCESS_TOKEN
Kevin Kho
Kevin Kho
Kevin Kho
Kevin Kho
BITBUCKET_CLOUD_USERNAME
and BITBUCKET_CLOUD_APP_PASSWORD
as the environment variables for thisRaed
06/10/2021, 5:06 PMIt looks like the env variable was picked up but the token is unauthorized on Bitbucket.
The token isn't picked up at all, have used this token in the pass successfully and I believe the error message above says it doesn't exist.Raed
06/10/2021, 5:07 PMKevin Kho
BITBUCKET_ACCESS_TOKENS
to Bitbucket Server, which causes the “Unauthorized” error, but you’re using Bitbucket Cloud. The token probably works for cloud but the way Bitbucket Storage is coded directs Access Tokens to server and username + password to Cloud.Kevin Kho
Kevin Kho
Raed
06/10/2021, 5:26 PMflow.run_config = KubernetesRun(
image=<private_image>,
env={
"BITBUCKET_CLOUD_USERNAME": os.environ["BITBUCKET_CLOUD_USERNAME"],
"BITBUCKET_CLOUD_APP_PASSWORD": os.environ["BITBUCKET_ACCESS_TOKEN"],
},
# * bitbucket storage
flow.storage = Bitbucket(
project=<project>,
repo=<repo>,
workspace=<workspace>,
cloud_username_secret="BITBUCKET_CLOUD_USERNAME",
cloud_app_password_secret="BITBUCKET_CLOUD_APP_PASSWORD",
path="flows/flow.py",
)
Gets error
[10 June 2021 1:26pm]: Failed to load and execute Flow's environment: ValueError('Local Secret "BITBUCKET_CLOUD_USERNAME" was not found.')
Raed
06/10/2021, 5:28 PMflow.run_config = KubernetesRun(
image=<private_image>,
env={
"PREFECT__CONTEXT__SECRETS__BITBUCKET_CLOUD_USERNAME": os.environ["BITBUCKET_CLOUD_USERNAME"],
"PREFECT__CONTEXT__SECRETS__BITBUCKET_CLOUD_APP_PASSWORD": os.environ["BITBUCKET_ACCESS_TOKEN"],
},
Raed
06/10/2021, 5:33 PM[10 June 2021 1:32pm]: Failed to load and execute Flow's environment: FileNotFoundError(2, 'No such file or directory')
Kevin Kho
Kevin Kho
flow = Flow("my-flow")
flow.storage = Bitbucket(
project="my.project", repo="my.repo", path="/flows/flow.py", ref="my-branch"
)
Kevin Kho
Raed
06/10/2021, 5:38 PMprefect -- 0.14.21
Kevin Kho
Raed
06/10/2021, 5:57 PMFailed to load and execute Flow's environment: KeyError('BITBUCKET_CLOUD_USERNAME')
So now the actual environment variable is missingm but that's odd because my flow originally had this line upon registration
flow.run_config = KubernetesRun(
image=<image>,
env={
"PREFECT__CONTEXT__SECRETS__BITBUCKET_CLOUD_USERNAME": os.environ[
"BITBUCKET_CLOUD_USERNAME"
],
"PREFECT__CONTEXT__SECRETS__BITBUCKET_CLOUD_APP_PASSWORD": os.environ[
"BITBUCKET_ACCESS_TOKEN"
],
"PREFECT__LOGGING__LEVEL": "DEBUG",
},
image_pull_policy="IfNotPresent",
)
When the flow runs I presume this must cause that error by trying to run os.environ['BITBUCKET_CLOUD_USERNAME'], but passing debug doesn't provide the full stack trace, any idea how I can get it?
Also shouldn't the above line automatically adjust the agent service on kubernetes to have those environment variables? Or do I have to restart the pod manually ?Kevin Kho
KS_BITBUCKET_CLOUD_USERNAME
? That’s so weird. Let me chat with the team about full traceback.Raed
06/10/2021, 6:03 PMKevin Kho
with Flow() as flow:
block or outside?Raed
06/10/2021, 6:07 PMKevin Kho
Kevin Kho
Raed
06/10/2021, 6:41 PMSo the environment variables passed from the RunConfig are applied after the Flow is loaded from storage.
So the flow is loaded, the run config is executed, but the env variables are not there so it fails, trying again with a rebuilt image that has the correct env varsKevin Kho