Skip to content

[Bug] SecretsManager get function supports env_var pararmeters. #3201

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Bug] SecretsManager get function supports env_var pararmeters. #3201

wants to merge 1 commit into from

Conversation

0yukali0
Copy link

@0yukali0 0yukali0 commented Mar 18, 2025
edited by flyte-bot
Loading

Tracking issue

flyteorg/flyte#

Why are the changes needed?

In flytekit secretsManager, it will check whether the secret exist in an env var "" or in a file "/etc/secrets//".
In flytekit secret, create a env "MY_SECRET" when setting "env_var=MY_SECRET" parameters.
SecretManager won't find it with naming rule with "".

What changes were proposed in this pull request?

Adding env_var pararmeters in secreateManager get function.
Initially, secretManager search the secret with following orders.

  1. "_" env
  2. "/etc/secrets//" file
    In this PR, its order will be
  3. "_" env
    2 . env_var
  4. "/etc/secrets//" file

How was this patch tested?

make test
os.environ["LOCAL_ENV_VAR"] = "value" assert sec.get(group="group", key="key2", env_var="LOCAL_ENV_VAR") == "value" assert sec.get(key="key", env_var="LOCAL_ENV_VAR") == "value" assert sec.get(env_var="LOCAL_ENV_VAR") == "value"

Setup process

Screenshots

Check all the applicable boxes

  • I updated the documentation accordingly.
  • All new and existing tests passed.
  • All commits are signed-off.

Related PRs

Docs link

Summary by Bito

This PR fixes a bug in SecretsManager by adjusting secret lookup order and adding an optional 'env_var' parameter. It includes renaming and reordering variables in the context_manager module with updated type annotations. The changes enhance reliability and clarity of secret management in flytekit.

Unit tests added: True

Estimated effort to review (1-5, lower is better): 1

@welcome Welcome
Copy link

welcome bot commented Mar 18, 2025

Thank you for opening this pull request! 🙌

These tips will help get your PR across the finish line:

  • Most of the repos have a PR template; if not, fill it out to the best of your knowledge.
  • Sign off your commits (Reference: DCO Guide).

@flyte-bot
Copy link
Contributor

Code Review Agent Run Status

  • Limitations and other issues: ❌ Failure - The AI Code Review Agent skipped reviewing this change because it is configured to exclude certain pull requests based on the source/target branch or the pull request status. You can change the settings here, or contact the agent instance creator at [email protected].

@0yukali0 0yukali0 changed the title [Bug] SecretsManager get function supports env_var pararmeters. [WIP][Bug] SecretsManager get function supports env_var pararmeters. Mar 20, 2025
@flyte-bot
Copy link
Contributor

flyte-bot commented Mar 23, 2025
edited
Loading

Code Review Agent Run Status

  • Limitations and other issues: ❌ Failure - The AI Code Review Agent skipped reviewing this change because it is configured to exclude certain pull requests based on the source/target branch or the pull request status. You can change the settings here, or contact the agent instance creator at [email protected].

@0yukali0 0yukali0 changed the title [WIP][Bug] SecretsManager get function supports env_var pararmeters. [Bug] SecretsManager get function supports env_var pararmeters. Mar 23, 2025
@0yukali0 0yukali0 marked this pull request as ready for review March 23, 2025 17:40
@flyte-bot
Copy link
Contributor

flyte-bot commented Mar 23, 2025
edited
Loading

Code Review Agent Run #2389d5

Actionable Suggestions - 1
  • flytekit/core/context_manager.py - 1
Review Details
  • Files reviewed - 2 · Commit Range: 9503d33..9503d33
    • flytekit/core/context_manager.py
    • tests/flytekit/unit/core/test_context_manager.py
  • Files skipped - 0
  • Tools
    • Whispers (Secret Scanner) - ✔︎ Successful
    • Detect-secrets (Secret Scanner) - ✔︎ Successful
    • MyPy (Static Code Analysis) - ✔︎ Successful
    • Astral Ruff (Static Code Analysis) - ✔︎ Successful

Bito Usage Guide

Commands

Type the following command in the pull request comment and save the comment.

  • /review - Manually triggers a full AI review.

Refer to the documentation for additional commands.

Configuration

This repository uses code_review_bito You can customize the agent settings here or contact your Bito workspace admin at [email protected].

Documentation & Help

AI Code Review powered by Bito Logo

@flyte-bot
Copy link
Contributor

flyte-bot commented Mar 23, 2025
edited
Loading

Changelist by Bito

This pull request implements the following key changes.

Key Change Files Impacted
Bug Fix - SecretsManager Bug Fixes

context_manager.py - Refactored SecretsManager by replacing env_var with default_env_var for proper secret lookup and updated type hints.
Testing - SecretsManager Unit Tests Update

test_context_manager.py - Added unit tests to verify the new env_var parameter and secret retrieval order.

flyte-bot
flyte-bot reviewed Mar 23, 2025
View reviewed changes
flytekit/core/context_manager.py Outdated
if os.path.exists(fpath):
with open(fpath, encode_mode) as f:
return f.read().strip()
env_vars = ",".join([k for k in filter(None, (group_env_var, env_var))])
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Possible undefined variable reference

The variable group_env_var might be undefined when reaching line 433. If none of the environment prefixes in the loop produces a valid group_env_var (e.g., when the loop is not entered or when env_prefixes is empty), then group_env_var will be undefined when constructing the env_vars string. Consider initializing group_env_var to None at the beginning of the function.

Code suggestion
Check the AI-generated fix before applying
 @@ -401,0 +402 @@
 +        group_env_var: Optional[str] = None,

Code Review Run #2389d5

Should Bito avoid suggestions like this for future reviews? (Manage Rules)

  • Yes, avoid them

@0yukali0 0yukali0 marked this pull request as draft March 23, 2025 23:45
@flyte-bot
Copy link
Contributor

flyte-bot commented Mar 24, 2025
edited
Loading

Code Review Agent Run Status

  • Limitations and other issues: ❌ Failure - The AI Code Review Agent skipped reviewing this change because it is configured to exclude certain pull requests based on the source/target branch or the pull request status. You can change the settings here, or contact the agent instance creator at [email protected].

@0yukali0 0yukali0 marked this pull request as ready for review March 24, 2025 15:26
@flyte-bot
Copy link
Contributor

flyte-bot commented Mar 24, 2025
edited
Loading

Code Review Agent Run #98d23d

Actionable Suggestions - 0
Review Details
  • Files reviewed - 1 · Commit Range: 9503d33..e74db52
    • flytekit/core/context_manager.py
  • Files skipped - 0
  • Tools
    • Whispers (Secret Scanner) - ✔︎ Successful
    • Detect-secrets (Secret Scanner) - ✔︎ Successful
    • MyPy (Static Code Analysis) - ✔︎ Successful
    • Astral Ruff (Static Code Analysis) - ✔︎ Successful

Bito Usage Guide

Commands

Type the following command in the pull request comment and save the comment.

  • /review - Manually triggers a full AI review.

Refer to the documentation for additional commands.

Configuration

This repository uses code_review_bito You can customize the agent settings here or contact your Bito workspace admin at [email protected].

Documentation & Help

AI Code Review powered by Bito Logo

@0yukali0
Copy link
Author

/review

@flyte-bot
Copy link
Contributor

flyte-bot commented Mar 25, 2025
edited
Loading

Code Review Agent Run #f74fd8

Actionable Suggestions - 1
  • flytekit/core/context_manager.py - 1
    • Potential undefined variable in error message · Line 435-435
Review Details
  • Files reviewed - 2 · Commit Range: 9503d33..e74db52
    • flytekit/core/context_manager.py
    • tests/flytekit/unit/core/test_context_manager.py
  • Files skipped - 0
  • Tools
    • Whispers (Secret Scanner) - ✔︎ Successful
    • Detect-secrets (Secret Scanner) - ✔︎ Successful
    • MyPy (Static Code Analysis) - ✔︎ Successful
    • Astral Ruff (Static Code Analysis) - ✔︎ Successful

Bito Usage Guide

Commands

Type the following command in the pull request comment and save the comment.

  • /review - Manually triggers a full AI review.

Refer to the documentation for additional commands.

Configuration

This repository uses code_review_bito You can customize the agent settings here or contact your Bito workspace admin at [email protected].

Documentation & Help

AI Code Review powered by Bito Logo

flyte-bot
flyte-bot reviewed Mar 25, 2025
View reviewed changes
flytekit/core/context_manager.py Outdated
raise ValueError(
f"Please make sure to add secret_requests=[Secret(group={group}, key={key})] in @task. Unable to find secret for key {key} in group {group} "
f"in Env Var:{env_var} and FilePath: {fpath}"
f"in Env Var:{env_var}, {group_env_var} and FilePath: {fpath}"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Potential undefined variable in error message

The error message now includes both env_var and group_env_var, but group_env_var might be undefined if the code path doesn't go through the loop at lines 415-422. This could potentially lead to a reference error.

Code suggestion
Check the AI-generated fix before applying
Suggested change
f"in Env Var:{env_var}, {group_env_var} and FilePath: {fpath}"
f"in Env Var:{env_var}{', ' + group_env_var if group_env_var is not None else ''} and FilePath: {fpath}"

Code Review Run #f74fd8

Should Bito avoid suggestions like this for future reviews? (Manage Rules)

  • Yes, avoid them

@0yukali0 0yukali0 closed this Mar 26, 2025
@0yukali0 0yukali0 reopened this Mar 26, 2025
@0yukali0
Copy link
Author

/review

@flyte-bot
Copy link
Contributor

flyte-bot commented Mar 26, 2025
edited
Loading

Code Review Agent Run #ba9449

Actionable Suggestions - 0
Review Details
  • Files reviewed - 2 · Commit Range: 33820f9..33820f9
    • flytekit/core/context_manager.py
    • tests/flytekit/unit/core/test_context_manager.py
  • Files skipped - 0
  • Tools
    • Whispers (Secret Scanner) - ✔︎ Successful
    • Detect-secrets (Secret Scanner) - ✔︎ Successful

Bito Usage Guide

Commands

Type the following command in the pull request comment and save the comment.

  • /review - Manually triggers a full AI review.

Refer to the documentation for additional commands.

Configuration

This repository uses code_review_bito You can customize the agent settings here or contact your Bito workspace admin at [email protected].

Documentation & Help

AI Code Review powered by Bito Logo

@flyte-bot
Copy link
Contributor

flyte-bot commented Mar 26, 2025
edited
Loading

Code Review Agent Run #21673e

Actionable Suggestions - 0
Review Details
  • Files reviewed - 2 · Commit Range: 33820f9..33820f9
    • flytekit/core/context_manager.py
    • tests/flytekit/unit/core/test_context_manager.py
  • Files skipped - 0
  • Tools
    • Whispers (Secret Scanner) - ✔︎ Successful
    • Detect-secrets (Secret Scanner) - ✔︎ Successful

Bito Usage Guide

Commands

Type the following command in the pull request comment and save the comment.

  • /review - Manually triggers a full AI review.

Refer to the documentation for additional commands.

Configuration

This repository uses code_review_bito You can customize the agent settings here or contact your Bito workspace admin at [email protected].

Documentation & Help

AI Code Review powered by Bito Logo

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@flyte-bot flyte-bot flyte-bot left review comments

@wild-endeavor wild-endeavor Awaiting requested review from wild-endeavor wild-endeavor is a code owner

@kumare3 kumare3 Awaiting requested review from kumare3 kumare3 is a code owner

@eapolinario eapolinario Awaiting requested review from eapolinario

@pingsutw pingsutw Awaiting requested review from pingsutw pingsutw is a code owner

@cosmicBboy cosmicBboy Awaiting requested review from cosmicBboy cosmicBboy is a code owner

@samhita-alla samhita-alla Awaiting requested review from samhita-alla samhita-alla is a code owner

@thomasjpfan thomasjpfan Awaiting requested review from thomasjpfan

@Future-Outlier Future-Outlier Awaiting requested review from Future-Outlier

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@0yukali0 @flyte-bot