Tom Manterfield
04/26/2022, 4:37 PMKubernetesFlowRunner
instance other than building the keys into the image itself. Has anyone else found a solution for this?Zanie
04/26/2022, 4:39 PMTom Manterfield
04/26/2022, 4:39 PMGOOGLE_APPLICATION_CREDENTIALS
env var is just a path to the json file containing the creds, so they need to already be on the filesystem. There doesn’t seem to be a way to customise the KubernetesFlowRunner
Job template in Orion as there was in Prefect 1, so you can’t mount the secret into the container. Hopefully I’ve missed some config option?Zanie
04/26/2022, 4:41 PMdef _create_and_start_job(self, flow_run: FlowRun) -> str:
k8s_env = [
{"name": k, "value": v}
for k, v in self._get_environment_variables().items()
]
job_settings = dict(
metadata={
"generateName": self._slugify_flow_run_name(flow_run),
"namespace": self.namespace,
"labels": self._get_labels(flow_run),
},
spec={
"template": {
"spec": {
"restartPolicy": self.restart_policy.value,
"containers": [
{
"name": "job",
"image": self.image,
"command": self._get_start_command(flow_run),
"env": k8s_env,
}
],
}
},
"backoff_limit": 4,
},
)
Tom Manterfield
04/26/2022, 4:43 PM