Lukas N.

08/05/2020, 1:17 PM
Hi everyone, I'm running Prefect in Kubernetes and I'm trying to make it talk to an existing vault. We use the Kubernetes agent to deploy jobs, by default the job doesn't talk to the vault. I would need to add some annotations to the job to make it work
Looking at the code of the agent the
is hardwired and I cannot modify it. I've also checked the
which seems like a way to go for a custom
file. But in this case, the environment values specified in the prefect Kubernetes agent
prefect agent start kubernetes --env NAME=value
don't get passed to the custom job. They only get passed to the first Job that creates the custom job. Is there another way to have both custom annotations on Jobs and environment values passed from prefect kubernetes agent?


08/05/2020, 1:21 PM
Hi @Lukas N. there is actually a PR open now that someone in the community made to allow shipping yaml templates with the k8s agent that could then be used for the initial prefect-job QQ: Why would the initial prefect-job need access to your vault since the flow would be running on the job created by the KubernetesJobEnvironment?

Lukas N.

08/05/2020, 1:27 PM
Oh nice, that PR is exactly what I need! The initial job doesn't need access to the vault. We have multiple clusters - staging and production. Each of them is running the
prefect agent start kubernetes --env NAME=...
with different environment variables. They need to be passed to the job. If I use
, the initial job doesn't have access to the vault. If I use
the values don't get injected into the environment of the second (actual) job.