Giters

jina-ai / jcloud

Simplify deploying and managing Jina projects on Jina Cloud

Home Page:https://docs.jina.ai/concepts/jcloud/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Receive Secrets from OS at Runtime for Config

myntoralex opened this issue · comments

commented

I use the HNSWPostgresIndexer, with which I provide some database secrets I would like to keep secret. In my python code for my executor I do the following,

...
uses_with={
                'table': 'odqa_encoded_document',
                'limit': 20,
                'dim': 768,
                'return_embeddings': True,
                'hostname': os.environ.get('POSTGRES_HOST'),
                'username': os.environ.get('POSTGRES_USER'),
                'password': os.environ.get('POSTGRES_PASSWORD'),
                'database': os.environ.get('POSTGRES_DB')}
  ...

But in my yaml file created from running f.save_config('./path/to/yaml') for running with jcloud deploy, I have those values hardcoded.

uses_with:
    table: odqa_encoded_document
    limit: 20
    dim: 768
    return_embeddings: true
    hostname: SECRET
    username: SECRET
    password: SECRET
    database: SECRET

Maybe all I need is a note in the README for externalizing these values.

commented

Hi @myntoralex, thanks for bringing this up! There are 2 things here.

  1. f.save_config(...) also saves the env vars to disk. This might contain secrets.
  2. How to pass these secrets while deploying a Flow on jcloud?

Could you please elaborate your expectations here?

commented

Closing this as the requirements are unclear.