Hello,
regarding Prefect 2.0: just wondering... a...
# prefect-communityx
xyzz
07/11/2022, 7:51 AMHello,
regarding Prefect 2.0: just wondering... are blocks supposed to be the final answer for secrets or will there be further abstractions for supporting e.g. Hashicorp Vault?
✅ 1
a
Anna Geller
07/11/2022, 10:51 AM
Nothing is ever the final answer (other than perhaps 42 )
There are no plans to add any extra Secrets backend because Blocks are so cool, flexible and extensible. But if you already have some Secrets stored in your own Vault, we may add a Block for Hashicorp Vault to make it easy for you to retrieve your existing credentials
Anna Geller
07/11/2022, 10:51 AM
LMK if Hashicorp Vault block is what you're looking for, if so I can open a ticket for backlog
Anna Geller
07/11/2022, 10:53 AM
moving your messages to the thread - next time please keep everything in 1 message or continue adding new messages in a thread:
• I'm a bit worried because without Vault support it will be hard getting a Prefect setup in my company
• though I guess it might be acceptable to just kind of sync Vault secrets to secrets stored in blocks, as long as user can't look up the value
a
Andreas
07/11/2022, 11:49 AM+1 for adding a Block for Hashicorp Vault. This could be usefull in the future for some of the projects I am working on too
🙌 1
a
Anna Geller
07/11/2022, 12:02 PM
@Marvin open "Add a Block for retrieving Secrets from Hashicorp Vault"
❤️ 2
m
Marvin
07/11/2022, 12:02 PMx
xyzz
07/11/2022, 12:15 PMyes I was talking about Hashicorp Vault, thanks for opening the ticket!
👍 1
d
davzucky
07/11/2022, 12:20 PM@Anna Geller in the future would block be part of the collection pattern idea or splitting dependency?
a
Anna Geller
07/11/2022, 12:21 PM
the Block itself configuring credentials would likely be in the core package and configurable through UI, but to perform some business logic/action with it, you'll likely have to install a Collection
cc @alex
d
davzucky
07/11/2022, 12:23 PMInterested to understand how would that work @alex
a
alex
07/11/2022, 1:31 PM@davzucky Any set of blocks created to interact with Hashicorp vault would live in a Prefect Collection. We have mechanisms in place that make any blocks in installed Prefect Collections available for configuration in the UI. By default, all integrations should go in a collection so that we can minimize the number of dependencies that the core library has.
👍 2
💯 1
d
davzucky
07/11/2022, 1:48 PMGreat thank you for the reply. Looking forward to see a sample collection fully implemented with this feature
a
alex
07/11/2022, 1:53 PMHere’s a PR where I’m converting an existing dataclass to a block in a Collection as a reference: https://github.com/PrefectHQ/prefect-dbt/pull/26
👍 2
x
xyzz
07/14/2022, 2:30 PMJust wondering... is there anything I can do to improve the chances of this being implemented?
xyzz
07/14/2022, 2:30 PMI'm still a prefect newbie, so I'd be a bit worried about implementing it myself
xyzz
07/14/2022, 2:31 PMand didn't work directly with Vault yet either
a
Anna Geller
07/14/2022, 3:55 PM
we added it to the roadmap and you can track via GitHub issue - if this is critical for you, LMK - I can ask the product team if we can prioritize it
x
xyzz
07/15/2022, 8:08 AMThanks, Anna!
xyzz
07/15/2022, 8:09 AMAt the moment it isn't critical since we are still at the evaluation phase, but if we go for prefect this is sometehing we'll definitely need.
🙌 1
4 Views