New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Expose configmaps/secrets to build environment #477
Comments
That will be supported in v0.5. |
Oh very nice :) We thought of this option, but in this case its easier for us to wait. Would you like to give a rough estimate for v0.5? (next month/quarter/year?) |
Pushing hard for a RC soon. |
Did this get lost? As far as I can see the configmaps/secrets are still not exposed in the build phase but only during runtime. |
I just found |
Hm. No I can't figure it out. There seems to be little docu for those settings pages (maybe I just didn't find it) and just adding the name of the configmap to |
I think I only understood what you are trying to do, you don't need the configmaps/secrets for the build process, but rather for the dockerfile templating, is that correct? |
Let's put it like this: Before running an experiment I need to install some packages (dependencies of the experiment). To download those I need a client certificate. It would be nice if I could expose this client-cert as a secret (+ some config as config maps). Honestly, I'm not sure how the build steps in polyaxon are different from dockerfile templating. As far as I understood it, the build steps of the polyaxonfile get translated to a Dockerfile, which is then used to build the container image used to run the experiment/job. |
Ok I see, it seems that in order to use the client-cert, a path must be mounted and the command must be updated, which is not supported in the v0.5. A fully customizable build (and any job/service) is what we are aiming for the v0.6. |
um... not sure if we need to mount a path. What we do so far is sth. like
Just that we can't have that in the |
@mouradmourafiq are you still watching this issue? |
Did you try your approach using kaniko as a build backend? |
I just tried it, but it doesn't seem to make a difference. |
Did you check if the config map gets mounted in the pod? |
Honestly I'm not sure how to check that :/ What would be the expected mount path? |
I will try it tomorrow and let you know if it's possible and what steps to do, if not possible, I will let you know if that could be possible in future releases. |
Great, thanks! |
I tried to make a minimal example of the problem with this polyaxon file:
and this secret:
Curiously now my builds fail with this error
Maybe I'm just missing what "catalog" is meant here. Also the docu doesn't specify it further as far as I can see. I can only guess that it refers to |
Thanks a lot for the screenshot. I looked for that on the Settings page, but its in a separate Stores page that I forgot about. |
yes, now that I understood what you are trying to achieve and that I am thinking about it, it's not going to work actually, in order to pass an env var from the host to the dockerizer process, something like this For kaniko, it seems that also you need to pass the envs as build args, though this issue mentions that this is not possible at the moment. In both cases, the build component should be customized, and these type of customizations are only possible in the v0.6. |
Ok. Thank you so much for your time and help. |
Hey, I was wondering if I could expose configmaps or secrets to build jobs aswell.
What I'm trying to do is add some custom apt sources along with a client cert in order to install some internal packages as dependencies.
Currently we work around this by installing some packages at runtime.
The text was updated successfully, but these errors were encountered: