https://flyte.org logo
#ask-the-community
Title
# ask-the-community
s

Swarup Srinivasan

11/21/2023, 10:29 PM
👋 I'm trying to add a custom
Principal
to Flyte execution metadata, but it seems like Flyte Admin overrides what we pass in execution_manager.go#L769. We currently have a custom auth layer using a Flyte Admin proxy service to handle auth (e.g. a custom
UserInfo
function, a custom
CreateExecution
function that adds security context, labels, etc. before calling the admin client, etc). This is where I tried adding the
Principal
but I think it gets overriden. If we can't update this directly from the proxy, is there any way to update the identity context so that Flyte Admin recognizes the correct user? We want this so that the database record for the execution is updated with the correct
user
field. The docs for ExecutionMetadata did mention that
Principal
is overriden only if using Flyte back-end auth, but not sure how to disable the override. Happy to hear any suggestions/thoughts!
I tried to vendor in Flyte Admin code to manually change the context's value at
ContextKeyIdentityContext
to be a custom
IdentityContext
before we call Flyte Admin itself, but the vendor results in a lot of added dependencies and some more issues, and I'm not sure if this is a good solution here I tried to vendor in
s

Samhita Alla

11/22/2023, 3:04 PM
cc @David Espejo (he/him)