silly-jelly-43096
03/01/2023, 3:10 PMpyflyte package
+ flytectl register
to only use pyflyte register
when deploying flyte workflows - but now i get an authentication error. With flytectl
i could authenticate by writing a secret to ~/.flyte/client_secret
but seems this is not working for pyflyte
Maybe someone else had similar issues?freezing-airport-6809
silly-jelly-43096
03/02/2023, 8:08 AMtall-lock-23197
silly-jelly-43096
03/02/2023, 9:05 AM~/.flyte/client_secret
2. fetch the secret from secret manager and writes it in the newly created file
3. add an empty line in the end (because of this: https://github.com/flyteorg/flytekit/blob/70a08256adefc98ee42da86171177ab5b5136b6d/tests/flytekit/unit/configuration/test_internal.py#L42)silly-jelly-43096
03/02/2023, 9:07 AMconfig.yaml
admin:
endpoint: dns:///flyte.our.domain
authType: ClientSecret
clientSecretLocation: /root/.flyte/client_secret
insecure: false
logger:
show-source: true
level: 0
tall-lock-23197
clientId
as well? Also, what's the error you're seeing?silly-jelly-43096
03/02/2023, 10:50 AM{
"asctime": "2023-03-02 08:56:07,735",
"name": "flytekit.cli",
"levelname": "ERROR",
"message": "Non-200 (401) received from IDP: {\"error\":\"invalid_client\",\"error_description\":\"Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method).\"}"
}
This is the error i receivesilly-jelly-43096
03/02/2023, 10:51 AMpyflyte package
+ flytectl register
. But now when we use only pyflyte register
we got this errortall-lock-23197
thankful-minister-83577
thankful-minister-83577
thankful-minister-83577
silly-jelly-43096
03/03/2023, 11:54 AMsilly-jelly-43096
03/03/2023, 12:18 PM# Leave empty to use the value discovered through flyteAdmin's Auth discovery endpoint.
So i guess that made it work when i used flytectl register? Seems like pyflyte register does not work in the same way though.freezing-airport-6809
freezing-airport-6809
freezing-airport-6809
silly-jelly-43096
03/03/2023, 2:47 PMflytectl register
the auth setup worked for us - and we didn't specify clientId inside config.yml
freezing-airport-6809
freezing-airport-6809
freezing-airport-6809
freezing-airport-6809
freezing-airport-6809
silly-jelly-43096
03/03/2023, 2:51 PMgrpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
status = StatusCode.UNAUTHENTICATED
details = "token parse error [JWT_VERIFICATION_FAILED] Could not retrieve id token from metadata, caused by: rpc error: code = Unauthenticated desc = Request unauthenticated with IDToken"
debug_error_string = "UNKNOWN:Error received from peer ipv4:<ipaddress> {grpc_message:"token parse error [JWT_VERIFICATION_FAILED] Could not retrieve id token from metadata, caused by: rpc error: code = Unauthenticated desc = Request unauthenticated with IDToken", grpc_status:16, created_time:"2023-03-02T08:56:07.716682455+00:00"}"
>
if it helps?silly-jelly-43096
03/03/2023, 2:53 PMsilly-jelly-43096
03/06/2023, 8:57 AMthankful-minister-83577
thankful-minister-83577
thankful-minister-83577
silly-jelly-43096
03/07/2023, 3:20 PMconfigmap:
adminServer:
auth:
appAuth:
thirdPartyConfig:
flyteClient:
clientId: <the_client_id>
redirectUri: <http://the_domain/callback>
scopes:
- offline
- all
...
(We have more things there as well)
But how to create the one for pyflyte register
? because before it was working for us without specifying the clientId in config.yml when we used flytectl register
silly-jelly-43096
03/08/2023, 8:15 AMtall-lock-23197
clientID
is the Access Key ID.silly-jelly-43096
03/08/2023, 11:31 AMthankful-minister-83577
thankful-minister-83577
thankful-minister-83577
thankful-minister-83577
thankful-minister-83577
average-finland-92144
03/13/2023, 4:29 PMsilly-jelly-43096
03/15/2023, 6:49 AMpyflyte register
and one way from the ci cd pipeline with pyflyte package
+`flytectl register`