Receive Secrets from OS at Runtime for Config
myntoralex opened this issue · comments
myntoralex commented
I use the HNSWPostgresIndexer, with which I provide some database secrets I would like to keep secret. In my python code for my executor I do the following,
...
uses_with={
'table': 'odqa_encoded_document',
'limit': 20,
'dim': 768,
'return_embeddings': True,
'hostname': os.environ.get('POSTGRES_HOST'),
'username': os.environ.get('POSTGRES_USER'),
'password': os.environ.get('POSTGRES_PASSWORD'),
'database': os.environ.get('POSTGRES_DB')}
...
But in my yaml file created from running f.save_config('./path/to/yaml')
for running with jcloud deploy, I have those values hardcoded.
uses_with:
table: odqa_encoded_document
limit: 20
dim: 768
return_embeddings: true
hostname: SECRET
username: SECRET
password: SECRET
database: SECRET
Maybe all I need is a note in the README for externalizing these values.
Deepankar Mahapatro commented
Hi @myntoralex, thanks for bringing this up! There are 2 things here.
f.save_config(...)
also saves the env vars to disk. This might contain secrets.- How to pass these secrets while deploying a Flow on jcloud?
Could you please elaborate your expectations here?
Deepankar Mahapatro commented
Closing this as the requirements are unclear.