Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Draft] [flytekit] Polish - Secrets #6141

Open
2 tasks done
wild-endeavor opened this issue Jan 5, 2025 · 6 comments
Open
2 tasks done

[Draft] [flytekit] Polish - Secrets #6141

wild-endeavor opened this issue Jan 5, 2025 · 6 comments
Labels
backlogged For internal use. Reserved for contributor team workflow. untriaged This issues has not yet been looked at by the Maintainers

Comments

@wild-endeavor
Copy link
Contributor

wild-endeavor commented Jan 5, 2025
edited
Loading

Secrets

This is a series of tickets to improve the flytekit authoring experience. If any changes are not possible to make in a backwards-compatible way, split it out into a separate ticket.

Rename argument

Rename secret_requests argument to secrets for task / eager / dynamic. The fact that it is a request is implied. However, probably add a user-facing note somewhere to make sure they don't accidentally put the actual secret in there.

Union support

Support a single Secret without having to wrap it in a list (i.e. secrets: list[Secret]|Secret|None).

Improve accessing

The current method to retrieve secrets (flytekit.current_context().secrets.get(key="WANDB_API_KEY")) is too verbose. Let's make it something like flytekit.access(key="WANDB_API_KEY").

Are you sure this issue hasn't been raised already?

  • Yes

Have you read the Code of Conduct?

  • Yes
@wild-endeavor wild-endeavor added documentation Improvements or additions to documentation untriaged This issues has not yet been looked at by the Maintainers labels Jan 5, 2025
@wild-endeavor wild-endeavor added backlogged For internal use. Reserved for contributor team workflow. and removed documentation Improvements or additions to documentation labels Jan 5, 2025
@thomasjpfan
Copy link
Member

I agree with renaming secret_requests to secrets and union.

For accessing, I like having secrets in the name somewhere: flytekit.secrets(key="WANDB_API_KEY").

@wild-endeavor
Copy link
Contributor Author

wild-endeavor commented Jan 9, 2025
edited
Loading

@cosmicBboy

+1 to flytekit.get_secret("MY_SECRET").

just like this or with the key as @thomasjpfan suggested? If just like this, how do we deal with group? or limit only to secrets with no group?

+1 to remove group and key and just have a single string key (like with union sdk)

this would be backwards incompatible though - is that okay?

@cosmicBboy
Copy link
Contributor

We should also have an explicit environment var name in the secret definition: Secret(..., env_name="MY_ENV_VAR")

@thomasjpfan
Copy link
Member

I would continue to have group and key for flytekit. If we want the simple flytekit.get_secret("MY_SECRET") then change the order of key and group:

def get_secret(key: str, group: Optional[str] = None):
    ...

@granthamtaylor
Copy link

granthamtaylor commented Jan 10, 2025
edited
Loading

I would like to also change the order of key and group in flytekit.Secret as well. When one does not use a group, they need to specify the keyword key when defining a Secret instance (flytekit.Secret(key="MY_SECRET")).

This is potentially a breaking change though, but having get_secret have one order (key, group) and Secret having a different order (group, key) feels like a really bad idea.

@thomasjpfan
Copy link
Member

get_secret is a new function, so it is not a breaking change. The issue is that it'll be confusing to have different orders between get_secret and Secret.

This was referenced Jan 10, 2025
Merged
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
backlogged For internal use. Reserved for contributor team workflow. untriaged This issues has not yet been looked at by the Maintainers
Projects
Flyte Issues/PRs maintenance
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
4 participants
@cosmicBboy @wild-endeavor @thomasjpfan @granthamtaylor