Skip to content
This repository has been archived by the owner on Oct 9, 2023. It is now read-only.

Support for cross-project secrets for GCP #582

Merged
merged 3 commits into from
Jun 30, 2023
Merged

Support for cross-project secrets for GCP #582

merged 3 commits into from
Jun 30, 2023

Conversation

jeevb
Copy link
Contributor

@jeevb jeevb commented Jun 30, 2023
edited
Loading

TL;DR

Adds support for cross-project secrets on GCP. Tested with the following examples:

Cross-project example:

from flytekit import Secret, current_context, task

SECRET_GROUP = "projects/111111111111/secrets/mainsecret"
SECRET_GROUP_VERSION = "1"


@task(
    secret_requests=[
        Secret(group=SECRET_GROUP, group_version=SECRET_GROUP_VERSION),
    ],
)
def my_task() -> str:
    return current_context().secrets.get(
        SECRET_GROUP, group_version=SECRET_GROUP_VERSION
    )

Backward compatibility with secrets in current project:

from flytekit import Secret, current_context, task

SECRET_GROUP = "mainsecret"
SECRET_GROUP_VERSION = "1"


@task(
    secret_requests=[
        Secret(group=SECRET_GROUP, group_version=SECRET_GROUP_VERSION),
    ],
)
def my_task() -> str:
    return current_context().secrets.get(
        SECRET_GROUP, group_version=SECRET_GROUP_VERSION
    )

Type

  • Bug Fix
  • Feature
  • Plugin

Are all requirements met?

  • Code completed
  • Smoke tested
  • Unit tests added
  • Code documentation added
  • Any pending items have an associated Issue

Complete description

How did you fix the bug, make the feature etc. Link to any design docs etc

Tracking Issue

Remove the 'fixes' keyword if there will be multiple PRs to fix the linked issue

fixes https://github.com/flyteorg/flyte/issues/

Follow-up issue

NA
OR
https://github.com/flyteorg/flyte/issues/

@jeevb jeevb force-pushed the jeev/cross-project-gcp-secrets branch from fe1cbdb to 74e61b4 Compare June 30, 2023 17:07
@wild-endeavor
Copy link
Contributor

why do we want to support cross project secrets?

@jeevb
Copy link
Contributor Author

jeevb commented Jun 30, 2023

why do we want to support cross project secrets?

Parity with AWS that already supports cross-account secrets via ARNs.

@codecov
Copy link

codecov bot commented Jun 30, 2023
edited
Loading

Codecov Report

Merging #582 (76691ae) into master (d181df7) will increase coverage by 0.38%.
The diff coverage is 100.00%.

❗ Current head 76691ae differs from pull request most recent head 106fb2c. Consider uploading reports for the commit 106fb2c to get more accurate results

@jeevb jeevb force-pushed the jeev/cross-project-gcp-secrets branch 2 times, most recently from 0d84f5f to 66593e6 Compare June 30, 2023 18:42
jeevb and others added 2 commits June 30, 2023 11:54
@jeevb jeevb force-pushed the jeev/cross-project-gcp-secrets branch from 44caacb to bd31f41 Compare June 30, 2023 18:54
@jeevb jeevb marked this pull request as ready for review June 30, 2023 18:56
@jeevb jeevb merged commit 1541ae5 into master Jun 30, 2023
@jeevb jeevb deleted the jeev/cross-project-gcp-secrets branch June 30, 2023 19:34
eapolinario pushed a commit to eapolinario/flytepropeller that referenced this pull request Aug 9, 2023
@jeevb @pingsutw
Support for cross-project secrets for GCP (flyteorg#582)
c7f894b 
* Support for cross-project secrets for GCP

Signed-off-by: Jeev B <[email protected]>

* Bump flyteplugins version (flyteorg#581)

Signed-off-by: Kevin Su <[email protected]>
Signed-off-by: Jeev B <[email protected]>

---------

Signed-off-by: Jeev B <[email protected]>
Signed-off-by: Kevin Su <[email protected]>
Co-authored-by: Kevin Su <[email protected]>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@wild-endeavor wild-endeavor wild-endeavor approved these changes

@kumare3 kumare3 Awaiting requested review from kumare3 kumare3 is a code owner

@EngHabu EngHabu Awaiting requested review from EngHabu EngHabu is a code owner

@hamersaw hamersaw Awaiting requested review from hamersaw hamersaw is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jeevb @wild-endeavor @pingsutw