Hmm. Is the Flytectl config and pyflyte supposed t...
# flyte-support
g
Hmm. Is the Flytectl config and pyflyte supposed to be the same? What seeems to have worked for pyflyte is causing issues in flytectl
Currently getting this:
Copy code
{"json":{"src":"viper.go:400"},"level":"debug","msg":"Config section [admin] updated. Firing updated event.","ts":"2024-04-16T11:53:55+02:00"}
{"json":{"src":"viper.go:398"},"level":"debug","msg":"Config section [storage] updated. No update handler registered.","ts":"2024-04-16T11:53:55+02:00"}
{"json":{"src":"viper.go:398"},"level":"debug","msg":"Config section [root] updated. No update handler registered.","ts":"2024-04-16T11:53:55+02:00"}
{"json":{"src":"viper.go:398"},"level":"debug","msg":"Config section [files] updated. No update handler registered.","ts":"2024-04-16T11:53:55+02:00"}
{"json":{"src":"client.go:63"},"level":"info","msg":"Initialized Admin client","ts":"2024-04-16T11:53:55+02:00"}
{"json":{"src":"auth_interceptor.go:86"},"level":"debug","msg":"Request failed due to [rpc error: code = Unauthenticated desc = token parse error [JWT_VERIFICATION_FAILED] Could not retrieve id token from metadata, caused by: rpc error: code = Unauthenticated desc = Request unauthenticated with IDToken]. If it's an unauthenticated error, we will attempt to establish an authenticated context.","ts":"2024-04-16T11:53:56+02:00"}
{"json":{"src":"auth_interceptor.go:91"},"level":"debug","msg":"Request failed due to [Unauthenticated]. Attempting to establish an authenticated connection and trying again.","ts":"2024-04-16T11:53:56+02:00"}
{"json":{"src":"base_token_orchestrator.go:63"},"level":"info","msg":"found the token in the cache","ts":"2024-04-16T11:53:57+02:00"}
Error: Connection Info: [Endpoint: <REDACTED>, InsecureConnection?: false, AuthMode: Pkce]: rpc error: code = Unauthenticated desc = token parse error [JWT_VERIFICATION_FAILED] Could not retrieve id token from metadata, caused by: rpc error: code = Unauthenticated desc = Request unauthenticated with IDToken
{"json":{"src":"main.go:13"},"level":"error","msg":"Connection Info: [Endpoint: <REDACTED>, InsecureConnection?: false, AuthMode: Pkce]: rpc error: code = Unauthenticated desc = token parse error [JWT_VERIFICATION_FAILED] Could not retrieve id token from metadata, caused by: rpc error: code = Unauthenticated desc = Request unauthenticated with IDToken","ts":"2024-04-16T11:53:57+02:00"}
I've also tried authMode
clientSecret
and
ClientSecret
which also do not seem to work
But pyflyte can reach it just fine
p
hello - can you show what you use for your config.yaml?
and to confirm, you're seeing the above error when running
pyflyte run --remote
?
g
No, I'm seeing the above error when running
flytectl get task-resource-attributes -p flytesnacks -d development
pyflyte is actually doing ok
So, the config seems to be fine for pyflyte, but not for flytectl. This is the config, @proud-answer-87162 :
Copy code
admin:
  # For GRPC endpoints you might want to use dns:///flyte.myexample.com
  endpoint: dns:///<REDACTED>
  clientSecretLocation: /path/to/secret
  clientId: flytepropeller
  authType: clientSecret
  verify: true
logger:
  show-source: true
  level: 5
This config gives btw a different error in flytectl:
Copy code
ERRO[0000] Failed to umarshal Data: clientSecret. Error: clientSecret does not belong to AuthType values. Skipping jsonUnmarshalHook 
Error: 

1 error(s) decoding:

* cannot parse 'authType' as uint: strconv.ParseUint: parsing "clientSecret": invalid syntax

1 error(s) decoding:

* '' has invalid keys: evel
So I change it to authtype to
ClientSecret
p
sorry, i'm not familiar with the flytectl auth model. we'll have to wait for one of the devs to offer thoughts
g
(The 'evel' is from a typo.. Should have been
logger.level
)
Hmm. Now seems to work 🤔 Just tried
flytectl get execution -p flytesnacks -d development
and I do get a table of executions: However, I still get this message:
Copy code
"json":{"src":"auth_interceptor.go:86"},"level":"debug","msg":"Request failed due to [rpc error: code = Unauthenticated desc = token parse error [JWT_VERIFICATION_FAILED] Could not retrieve id token from metadata, caused by: rpc error: code = Unauthenticated desc = Request unauthenticated with IDToken]. If it's an unauthenticated error, we will attempt to establish an authenticated context.","ts":"2024-04-16T17:20:55+02:00"}
{"json":{"src":"auth_interceptor.go:91"},"level":"debug","msg":"Request failed due to [Unauthenticated]. Attempting to establish an authenticated connection and trying again.","ts":"2024-04-16T17:20:55+02:00"}
{"json":{"src":"execution.go:148"},"level":"info","msg":"Retrieved 100 executions","ts":"2024-04-16T17:20:56+02:00"}
So this is just a warning then?
p
the fact that it's
"level":"debug"
makes it seem so. maybe part of the auth hunt order? (pure speculation)
g
Could be! Wonder if I had some other typo in there that was preventing it. Or maybe it did succeed before and I was thrown off guard by the debug auth logs
a
I think is a warning too, I see it when browsing logs