Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Secrets interface cleanup #3842

Open
wants to merge 4 commits into
base: develop
Choose a base branch
from
Open

Secrets interface cleanup #3842

wants to merge 4 commits into from
+240 −377

Conversation

brimoor
Copy link
Contributor

@brimoor brimoor commented Nov 28, 2023
edited

Change log

  • Avoids usage of operator._plugin_secrets outside of the Operator class
  • All secret resolution now happens in ExecutionContext, as opposed to being partly in ExecutionContext and partly in SecretsDictionary

Notes

  • Ideally (to me) it would be the case that all secret resolution happens when ctx.resolve_secret_values() is called. Currently that is not the case, as it also appears to be necessary for ctx.secrets to dynamically resolve secrets. That behavior is maintained in this PR (although all secrets are resolved in a batch the first time ctx.secrets is accessed, rather than resolving one-by-one).

@brimoor brimoor self-assigned this Nov 28, 2023
@codecov Codecov
Copy link

codecov bot commented Nov 28, 2023
edited

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (1a9f431) 15.53% compared to head (8f00199) 15.53%.
Report is 8 commits behind head on develop.

Additional details and impacted files 
@@           Coverage Diff            @@
##           develop    #3842   +/-   ##
========================================
  Coverage    15.53%   15.53%           
========================================
  Files          731      731           
  Lines        81497    81497           
  Branches      1087     1087           
========================================
  Hits         12664    12664           
  Misses       68833    68833
Flag Coverage Δ
app 15.53% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

kaixi-wang
kaixi-wang requested changes Nov 28, 2023
View reviewed changes
fiftyone/operators/operator.py
"""The list of secrets known to the operator, or None."""
return self._secrets

def register_secrets(self, secrets):
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

doesn't this allow registering secrets that are not in the plugin definition?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes it does. Also true for the current implementation in develop. It reflects a need for further refactoring as it would be more appropriate for secret registration to be owned by the ExecutionContext, not the Operator.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The current implementation doesn't facilitate users to register unlisted secrets

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All I did was rename the add_secrets() method to register_secrets()

kaixi-wang
kaixi-wang reviewed Nov 28, 2023
View reviewed changes
fiftyone/plugins/secrets.py
self.__secrets = {}
self._operator_uri = None
self._resolver = None
class SecretsDictionary(Mapping):
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are you removing this?!?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The secret resolution logic is now inside ExecutionContext, and we get the other read-only aspects for free by implementing Mapping

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't believe we should make it a simple dict. I think we should at least try to make secrets secure and iterate

Base automatically changed from release/v0.23.0 to main December 5, 2023 23:13
@brimoor brimoor changed the base branch from main to develop December 6, 2023 13:36
@brimoor brimoor changed the title [WIP] Only resolve secrets in resolve_secret_values() Only resolve secrets in resolve_secret_values() Dec 6, 2023
@brimoor brimoor changed the title Only resolve secrets in resolve_secret_values() Secrets interface cleanup Dec 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kaixi-wang kaixi-wang kaixi-wang requested changes

@ritch ritch Awaiting requested review from ritch

@imanjra imanjra Awaiting requested review from imanjra

Requested changes must be addressed to merge this pull request.

Assignees

@brimoor brimoor

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@brimoor @kaixi-wang