Bring your towel and join one of the fastest growing data communities. Welcome to our second-generation open source orchestration platform, a completely rethought approach to dataflow automation.

Prefect Community

Is there anyway to inject Vault secrets to Prefect Kubernetes job automatically without using Blocks?

Yes you can add them as infra_overrides customizations see <https://prefect-community.slack.com/archives/CL09KU1K7/p1676043965864559?thread_ts=1676002713.946769&amp;cid=CL09KU1K7>

Just wondering where this goes since I do not see overrides property in `class KubernetesJob(Infrastructure):`

<https://docs.prefect.io/concepts/deployments/#deployment-api-representation|https://docs.prefect.io/concepts/deployments/#deployment-api-representation>

Good morning. Thank you very much for you help and for that link. In my case I need to append doc like this.
```apiVersion: apps/v1
kind: Job
  ....
---
apiVersion: "<http://koudingspawn.de/v1|koudingspawn.de/v1>"
kind: Vault
metadata:
  name: control-service
  namespace: dev
spec:
  path: "control-service"
  type: "KEYVALUEV2"```
How can I add such block using customization can I still use `customization` with `op` : add

hey, you can add anything using the patch spec, basically using more customizations into infra overrides

ok cool I was more concerned about that `---` separator.

Something like this then?
```k8s_job = KubernetesJob(
    namespace="prefect",
    customizations=[
        {
            "op": "add",
            "path": "/",
            "value": {
                {
                    "---": {
                        "apiVersion": "<http://koudingspawn.de/v1|koudingspawn.de/v1>",
                        "kind": "Vault",
                        "metadata": {
                            "name": "control-service",
                            "namespace": "dev"            
                        },
                        "spec": {
                            "path": "control-service",
                            "type": "KEYVALUEV2"
                        }
                    }
                }
            },
        }
    ],
)```

the name and namespace can be set on the k8s job

Apparently that `vault` CRD needed that namespace but I will remove that and try like you said.

Yeah I cant remember exactly which props prefect sets for you but you should be able to play around and get it working how you need

we have added tons of patches to ours for taints etv

this is a late follow-up, but in case you all are interested, another solution is <https://www.hashicorp.com/blog/injecting-vault-secrets-into-kubernetes-pods-via-a-sidecar>

Do you know how I can use this in KubernetesJob?