Oleksandr Lobunets
06/18/2020, 10:38 PMcontainerDefinitions['repositoryCredentials']['credentialsParameter']
location, which I cannot find how to pass to the agent either via environment variables or via CLI argumentsZachary Hughes
06/18/2020, 11:48 PM"containerDefinitions": [
{
"image": "private-repo/private-image",
"repositoryCredentials": {
"credentialsParameter": "arn:aws:secretsmanager:region:aws_account_id:secret:secret_name"
}
}
]
I think what you'll want to do is define those repositoryCredentials
as part of your FargateTaskEnvironment's containerDefinitions
field, using the link below as an example. Does that sound like it might work for you?
https://docs.prefect.io/orchestration/execution/fargate_task_environment.html#fargate-task-environment-w-resourcesOleksandr Lobunets
06/19/2020, 5:36 AMmy-agent:
my-agent:
image: prefecthq/prefect:${PREFECT_VERSION}
depends_on:
- apollo
environment:
- PREFECT__BACKEND=server
- PREFECT__SERVER__HOST=<http://x.x.x.x>
- PREFECT__LOGGING__LEVEL=DEBUG
- PREFECT__FLOWS__CHECKPOINTING=true
- AWS_ACCESS_KEY_ID=...
- AWS_SECRET_ACCESS_KEY=...
- REGION_NAME=eu-central-1
- containerDefinitions_logConfiguration={"logDriver":"awslogs","options":{"awslogs-group":"npn/prefect","awslogs-region":"eu-central-1","awslogs-stream-prefix":"flow-runs"}}
restart: always
command: >
prefect agent start fargate
--name my-test-agent
--show-flow-logs
-l fargate
-v
cpu=256
memory=512
executionRoleArn=arn:aws:iam::********:role/ecsTaskExecutionRole
cluster=npn-ecs1
networkConfiguration="{'awsvpcConfiguration': {'assignPublicIp': 'DISABLED', 'subnets': ['subnet-*******'], 'securityGroups': ['sg-*******']}}"
Zachary Hughes
06/19/2020, 1:26 PMOleksandr Lobunets
06/19/2020, 3:30 PM