prefect Add PREFECT_API_DATABASE_PASSWORD_FILE environment variable to be used with docker secrets

Add PREFECT_API_DATABASE_PASSWORD_FILE environment variable to be used with docker secrets

Open rhofland opened this issue 1 year ago • 0 comments

First check

[X] I added a descriptive title to this issue.
[X] I used the GitHub search to find a similar request and didn't find it.
[X] I searched the Prefect documentation for this feature.

Prefect Version

2.x

Describe the current behavior

Currently the way to pass the postgres password to the prefect server in docker is to pass the PREFECT_API_DATABASE_PASSWORD environment variable.

Describe the proposed behavior

This doesn't allow the use of docker secrets (https://docs.docker.com/engine/swarm/secrets/) Adding PREFECT_API_DATABASE_PASSWORD_FILE would allow the prefect server to read the postgres password from a file (which is managed by docker secrets).

Example Use

docker-compose.yaml:
services:
    prefect-server:
        ...omitted...
        secrets:
           - source: prefect_api_database_password
             target: /run/secrets/prefect_api_database_password.txt
        environment:
           - PREFECT_API_DATABASE_PASSWORD_FILE=/run/secrets/prefect_api_database_password.txt

secrets:
  prefect_api_database_password:
    name: prefect_api_database_password
    external: true

Additional context

This is supported by many projects, including postgres...see section about docker secrets on https://hub.docker.com/_/postgres

Jan 05 '24 23:01 rhofland

prefect prefect copied to clipboard

Add PREFECT_API_DATABASE_PASSWORD_FILE environment variable to be used with docker secrets

First check

Prefect Version

Describe the current behavior

Describe the proposed behavior

Example Use

Additional context

prefect
prefect copied to clipboard