and out of curiosity, what did you think we were talking about? cos i didn't see anywhere else that might print the secrets.

Hi SubstantialElk6 , no worries, the reason it's not working for you is probably due to the fact that it's still in RC, and the agent version installed in the K8s POS is probably of the previous official version (or some older version). Can you share the more of the agents log (from the start)?

👍

I also see this on my logs, noting that the config is read in but its still printing the supposedly hidden keys on the logs and UI.
agent.hide_docker_command_env_vars.enabled = true agent.hide_docker_command_env_vars.extra_keys.0='TRAINS_AGENT_GIT_USER' ..... docker_cmd=harbor.ai/public/detectron2:v3 --env TRAINS_AGENT_GIT_USER=gituser

For some reason, I thought it was when the agent was executing the task, not when it prints out the configuration...

I didn't realize we were talking about the config printout, since you've added these env vars to the default docker...

SubstantialElk6 this feature was only introduced in the 1.0.1 RC releases (i.e. it is not part of v1.0.0) - you can either use one of the RC releases, or wait for the official v1.0.1 (will be released very soon).

I also see this on my logs, noting that the config is read in but its still printing the supposedly hidden keys on the logs and UI.

agent.hide_docker_command_env_vars.enabled = true

agent.hide_docker_command_env_vars.extra_keys.0='TRAINS_AGENT_GIT_USER'

The agent prints all of the configuration it loads, regardless of whether any part of the code uses it or not...

This is the log i extracted.

The vault (as part of the pair version) can certainly solve it, without the need for env vars that can be visible in certain scenarios (like you showed)

Ah ok. So it will be fixed on the ClearML server web UI as well? (See screenshots).

Hi just wondering if I did something wrong here. Would k8s-glue be the reason is not working? I'm purchasing the enterprise version and if vault has the same problem it'll be a big issue.

Hi SubstantialElk6 , what's your agent / ask version?

That's an easy fix, you'll see it in the next RC 🙂

ok, i'll wait till i get my hands on vault then. thanks.

Oh! I see now! 🙂

Hi SuccessfulKoala55 ,i managed to install clearml-agent==1.0.1rc5. However, the same issues occur.

Can this issue be solved with vault? It doesn't make sense to expose secrets like that.

As for the UI - that's a good question - how can we hide it there if it's also editable? Does it make sense to let you edit it but not see it?

Well, you're indeed running 1.0.1rc5 in there

Also, in the UI we can't really know your agent setting (also, you probably have multiple agents), so we can't know which env var should be masked...

Its 1.0.0. As printed on the top of the logs in ClearML Server UI.

Hi, by agent logs i suppose you meant the logs from the ClearML server console panel?