Add a --credentials-file flag for adding/updating providers and remove provider specific flags which expose secrets#2062
Conversation
✅ Deploy Preview for transformerlab canceled.
|
|
Paragon Review Skipped Hi @deep1401! Your Polarity credit balance is insufficient to complete this review. Please visit https://app.paragon.run to finish your review. |
| console.print(f"[error]Error:[/error] Invalid JSON in --config: {e}") | ||
| raise typer.Exit(1) | ||
| if credentials_file is not None: | ||
| creds = _read_credentials_file(credentials_file) |
There was a problem hiding this comment.
Do you need to do the whole if aws/gcp thing here like you did in add? Otherwise it just ends up in the config?
There was a problem hiding this comment.
Yeah the motive of doing this was that for gcp, the credentials file would just be the json you download from gcp
There was a problem hiding this comment.
Sorry misunderstood, added the same logic to lab provider update
| if bool(aws_access_key_id) != bool(aws_secret_access_key): | ||
| console.print( | ||
| "[error]Error:[/error] Provide both --aws-access-key-id and --aws-secret-access-key, or neither." | ||
| "[error]Error:[/error] --credentials-file for --type aws must contain both " |
There was a problem hiding this comment.
I did this command:
lab provider add --no-interactive --type aws --config '{"region": "us-east-1"}' --name aws_credfiletest
i.e. I forgot my credentials file. It says it created the provider anyways but then failed the health check.
Ideally an error would print out here saying you need a credential file in non-interactive mode?
There was a problem hiding this comment.
Okay fixed now, there was a guard for gcp but not aws, we have for both now
Fixes #2056