Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Core feature] Add user id to security context #3566

Closed
2 tasks done
ByronHsu opened this issue Apr 2, 2023 · 3 comments
Closed
2 tasks done

[Core feature] Add user id to security context #3566

ByronHsu opened this issue Apr 2, 2023 · 3 comments
Labels
enhancement New feature or request flyteadmin Issue for FlyteAdmin Service flytekit FlyteKit Python related issue

Comments

@ByronHsu
Copy link
Contributor

ByronHsu commented Apr 2, 2023
edited
Loading

Motivation: Why do you think this is important?

Currently, we do not have user id in the security context. Therefore, the developers are unable to decorate the task with user id on flytepropeller side.

Goal: What should the final outcome look like, ideally?

Add userid to security context protobuf and change related repo accordingly.

Describe alternatives you've considered

None

Propose: Link/Inline OR Additional context

No response

Are you sure this issue hasn't been raised already?

  • Yes

Have you read the Code of Conduct?

  • Yes
@ByronHsu ByronHsu added enhancement New feature or request untriaged This issues has not yet been looked at by the Maintainers labels Apr 2, 2023
@ByronHsu ByronHsu changed the title [Core feature] Add user identity to security context [Core feature] Add user id to security context Apr 2, 2023
@ByronHsu ByronHsu changed the title [Core feature] Add user id to security context [Core feature] Add user information to security identity protobuf Apr 2, 2023
@ByronHsu ByronHsu changed the title [Core feature] Add user information to security identity protobuf [Core feature] Add user id to security identity protobuf Apr 2, 2023
@ByronHsu ByronHsu changed the title [Core feature] Add user id to security identity protobuf [Core feature] Add user id to security identity Apr 2, 2023
@ByronHsu ByronHsu changed the title [Core feature] Add user id to security identity [Core feature] Add user id to security context Apr 2, 2023
This was referenced Apr 3, 2023
Merged
Merged
@ByronHsu
Copy link
Contributor Author

ByronHsu commented May 5, 2023
edited
Loading

@MickJermsurawong will be collaborating on this issue. We will provide a configurable way to map securityContext.Identity to pod label.

Implementation:

  1. Use taskCtx.TaskExecutionMetadata().GetSecurityContext() to extract securityContext from taskCtx (line)
  2. Inject identity to objectMeta's label with customKey Name (line)

Config:

  1. Developers should be able to config (maybe use configmap) which fields of securityContext.Identity to map to pod labels

@ByronHsu ByronHsu mentioned this issue May 10, 2023
Merged
3 tasks
@ByronHsu ByronHsu reopened this May 24, 2023
@pingsutw
Copy link
Member

@ByronHsu could we close this issue?

@pingsutw pingsutw added flyteadmin Issue for FlyteAdmin Service flytekit FlyteKit Python related issue and removed untriaged This issues has not yet been looked at by the Maintainers labels Dec 22, 2023
@mickjermsurawong-stripe
Copy link

Yup Kevin! Thanks for revisiting here

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request flyteadmin Issue for FlyteAdmin Service flytekit FlyteKit Python related issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@wild-endeavor @ByronHsu @pingsutw @mickjermsurawong-stripe