# Define pipeline secrets


### 1. Define the necessary environment variables and install the Kubernetes CLI
We assume this notebook kernel has access to the service account on kubernetes.

In [None]:
import requests
import subprocess
res = requests.get('https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl', allow_redirects=True)
open('kubectl', 'wb').write(res.content)
subprocess.call(['chmod', '755', 'kubectl'])

## 2.1. Define Credentials for the IBM OSS pipeline

**Please fill in the below environment variables with you own settings.**

- **s3_url**: S3 Object storage endpoint for your FfDL training job.
- **s3_access_key_id**: S3 Object storage access key id
- **s3_secret_access_key**: S3 Object storage secret access key
- **training_bucket**: S3 Bucket for the training job data location.
- **result_bucket**: S3 Bucket for the training job result location.
- **ffdl_rest**: RESTAPI endpoint for FfDL.
- **k8s_public_nodeport_ip**: IP of the host machine. It will be used to generate a web service endpoint for the served model.

In [None]:
oss_creds= {
    's3_url': '',
    's3_access_key_id': '',
    's3_secret_access_key': '',
    'training_bucket': '',
    'result_bucket': '',
    'ffdl_rest': '',
    'k8s_public_nodeport_ip': ''
}

In [None]:
### Define a secret_name for your credentials
secret_name = "kfp-creds"
command = ['./kubectl', 'create', 'secret', 'generic', secret_name]
for key in oss_creds:
    command.append('--from-literal=%s=\'%s\'' % (key, oss_creds[key]))

In [None]:
!./kubectl delete secret $secret_name

In [None]:
subprocess.run(command)

In [None]:
!./kubectl describe secret $secret_name

## 2.2. Define Credentials for the WML pipeline

**Please fill in the below environment variables with you own settings.**

In [None]:
wml_creds= {
    'wml_url': '',
    'wml_apikey': '',
    'wml_instance_id': '',
    'wml_data_source_type': '',
    'cos_endpoint': '',
    'cos_access_key': '',
    'cos_secret_key': '',
    'cos_input_bucket': '',
    'cos_output_bucket': ''
}

In [None]:
### Define a secret_name for your credentials
secret_name_wml = "wml-creds"
command = ['./kubectl', 'create', 'secret', 'generic', secret_name_wml]
for key in wml_creds:
    command.append('--from-literal=%s=\'%s\'' % (key, wml_creds[key]))

In [None]:
!./kubectl delete secret $secret_name_wml

In [None]:
subprocess.run(command)

In [None]:
!./kubectl describe secret $secret_name_wml

## 2.3. Define Credentials for the End to End and Canary testing pipeline

**Please fill in the below environment variables with you own settings.**
- **s3_url**: S3 Object storage endpoint for your FfDL training job.
- **s3_access_key_id**: S3 Object storage access key id
- **s3_secret_access_key**: S3 Object storage secret access key
- **training_bucket**: S3 Bucket for the training job data location.
- **result_bucket**: S3 Bucket for the training job result location.
- **ffdl_rest**: RESTAPI endpoint for FfDL.
- **slack_api_endpoint**: Slack App WebHook for notify the operator regrading the pipeline status.
- **retrain_func_endpoint**: The OpenWhisk function endpoint to trigger a new retrain pipeline.

In [None]:
e2e_creds= {
    's3_url': '',
    's3_access_key_id': '',
    's3_secret_access_key': '',
    'training_bucket': '',
    'result_bucket': '',
    'ffdl_rest': '',
    'slack_api_endpoint': '',
    'knative_url': '',
    'kiali_domain_name': '',
    'knative_ingress': '',
    'local_cluster_deployment': '',
    'knative_custom_domain': '',
    'k8s_controller_url': '',
    'public_ip': ''
}

In [None]:
### Define a secret_name for your credentials
secret_name_e2e = "e2e-creds"
command = ['./kubectl', 'create', 'secret', 'generic', secret_name_e2e]
for key in e2e_creds:
    command.append('--from-literal=%s=\'%s\'' % (key, e2e_creds[key]))

In [None]:
!./kubectl delete secret $secret_name_e2e

In [None]:
subprocess.run(command)

In [None]:
!./kubectl describe secret $secret_name_e2e

## Define Credentials for the Watson Openscale pipeline

**Please fill in the below environment variables with you own settings.**

- **aios_guid**: GUID of the AI OpenScale service
- **cloud_api_key**: API Key for accessing IBM Cloud
- **postgres_uri**: PostgreSQL URI for accessing the database
- **cos_url**: IBM Cloud Object Storage Regional URL.
- **cos_apikey**: API Key for IBM Cloud Object Storage.
- **cos_resource_id**: IBM Cloud Object Storage resource instance ID
- **wml_credentials**: Watson Machine Learning credentials stored as Json string
- **spark_tenant_id**: Spark service tenant id
- **spark_tenant_secret** : Spark service tenant secret
- **spark_cluster_master_url**: Spark service cluster master URL
- **spark_instance_id**: Spark service instance ID

In [None]:
aios_creds= {
    'aios_guid': '',
    'cloud_api_key': '',
    'postgres_uri': '',
    'spark_tenant_id': '',
    'spark_tenant_secret': '',
    'spark_cluster_master_url': '',
    'spark_instance_id': '',
    'cos_endpoint': '',
    'cos_access_key': '',
    'cos_secret_key': '',
    'wml_apikey': '',
    'wml_password': '',
    'wml_instance_id': ''
}

In [None]:
### Define a secret_name for your credentials
secret_name_aios = "aios-creds"
command = ['./kubectl', 'create', 'secret', 'generic', secret_name_aios]
for key in aios_creds:
    command.append('--from-literal=%s=\'%s\'' % (key, aios_creds[key]))

In [None]:
!./kubectl delete secret $secret_name_aios

In [None]:
subprocess.run(command)

In [None]:
!./kubectl describe secret $secret_name_aios