https://prefect.io logo
Join Slack
Powered by
<@ULVA73B9P> how do I handle private repos with th...
# ask-marvin
e
@Marvin how do I handle private repos with this python flow1.from_source( source="https://github.com/sabiagents/flows.git", entrypoint="flow2.py:flow1", ).deploy( name="flow1", work_pool_name="default", job_variables={ "env": { "EXTRA_PIP_PACKAGES": "-r requirements.txt" } } )
m
thought for 34.3 seconds
Based on the research, I can provide you with the correct way to handle private GitHub repositories with Prefect 3.x. There are two main approaches: 1. Using HTTPS with Personal Access Token (PAT):
Copy code
python
flow1.from_source(
    source="<https://username:personal_access_token@github.com/sabiagents/flows.git>",
    entrypoint="flow2.py:flow1",
).deploy(
    name="flow1",
    work_pool_name="default",
    job_variables={
        "env": {
            "EXTRA_PIP_PACKAGES": "-r requirements.txt"
        }
    }
)
2. Using Environment Variables (Recommended):
Copy code
python
flow1.from_source(
    source="<https://github.com/sabiagents/flows.git>",
    entrypoint="flow2.py:flow1",
    credentials={"access_token": "your_github_pat"}  # Or load from environment/secrets
).deploy(
    name="flow1",
    work_pool_name="default",
    job_variables={
        "env": {
            "EXTRA_PIP_PACKAGES": "-r requirements.txt",
            "GIT_CREDENTIALS": "<https://username:personal_access_token@github.com>"
        }
    }
)
Some important notes: 1. Never commit your PAT directly in code. Instead, use environment variables or Prefect secrets. 2. Your PAT needs appropriate permissions to access the repository. 3. Make sure your worker has access to the credentials when it runs. For better security, you can store your GitHub PAT as a Prefect Secret and reference it in your deployment code. Here's how: 1. First, create a secret block in Prefect:
Copy code
bash
prefect secret create GITHUB_PAT
2. Then modify your deployment code to use the secret:
Copy code
python
from prefect.blocks.system import Secret

github_pat = Secret.load("GITHUB_PAT")

flow1.from_source(
    source="<https://github.com/sabiagents/flows.git>",
    entrypoint="flow2.py:flow1",
    credentials={"access_token": github_pat.get()}
).deploy(
    name="flow1",
    work_pool_name="default",
    job_variables={
        "env": {
            "EXTRA_PIP_PACKAGES": "-r requirements.txt"
        }
    }
)
This approach keeps your credentials secure while still allowing access to private repositories. The worker will use these credentials when pulling the repository during flow execution.
Open in Slack
PreviousNext
Powered by