You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi there,
Was wondering what the best practices are for passing secrets/keys to a worker provisioned with skypilot.
Currently, I'm using skypilot to run a docker image.
I saw this example in your docs for wandb creds:
file_mounts:
~/.netrc: ~/.netrc
For docker, I could do the same file_mount for a .env file and then mount the .env to the docker container.
Just wanted to know if this is the best way to manage secrets with skypilot, and how secure this approach would be.
Best,
Erwann
The text was updated successfully, but these errors were encountered:
Thanks for the question @ErwannMillon! This approach should be safe as long as you trust the cloud provider and the VMs you created.
We have several ways to pass the secret:
sky launch --env WANDB_API_KEY which will pass the environment variable to the remote VM, when your job is running.
In your task yaml, you can specify the envvar as the following:
Hi,
Thanks a lot for the quick answer!
Will implement this. For future, I like the idea of adding env vars from a .env file
Thanks for the great work :))
Hi there,
Was wondering what the best practices are for passing secrets/keys to a worker provisioned with skypilot.
Currently, I'm using skypilot to run a docker image.
I saw this example in your docs for wandb creds:
For docker, I could do the same file_mount for a .env file and then mount the .env to the docker container.
Just wanted to know if this is the best way to manage secrets with skypilot, and how secure this approach would be.
Best,
Erwann
The text was updated successfully, but these errors were encountered: