ok, i'll wait till i get my hands on vault then. thanks.

👍

Ah ok. So it will be fixed on the ClearML server web UI as well? (See screenshots).

Can this issue be solved with vault? It doesn't make sense to expose secrets like that.

SubstantialElk6 this feature was only introduced in the 1.0.1 RC releases (i.e. it is not part of v1.0.0) - you can either use one of the RC releases, or wait for the official v1.0.1 (will be released very soon).

I also see this on my logs, noting that the config is read in but its still printing the supposedly hidden keys on the logs and UI.

agent.hide_docker_command_env_vars.enabled = true

agent.hide_docker_command_env_vars.extra_keys.0='TRAINS_AGENT_GIT_USER'

The agent prints all of the configuration it loads, regardless of whether any part of the code uses it or not...

I also see this on my logs, noting that the config is read in but its still printing the supposedly hidden keys on the logs and UI.
agent.hide_docker_command_env_vars.enabled = true agent.hide_docker_command_env_vars.extra_keys.0='TRAINS_AGENT_GIT_USER' ..... docker_cmd=harbor.ai/public/detectron2:v3 --env TRAINS_AGENT_GIT_USER=gituser

Hi SuccessfulKoala55 ,i managed to install clearml-agent==1.0.1rc5. However, the same issues occur.

Its 1.0.0. As printed on the top of the logs in ClearML Server UI.

Hi SubstantialElk6 , no worries, the reason it's not working for you is probably due to the fact that it's still in RC, and the agent version installed in the K8s POS is probably of the previous official version (or some older version). Can you share the more of the agents log (from the start)?

I didn't realize we were talking about the config printout, since you've added these env vars to the default docker...

This is the log i extracted.

Oh! I see now! 🙂

Also, in the UI we can't really know your agent setting (also, you probably have multiple agents), so we can't know which env var should be masked...

As for the UI - that's a good question - how can we hide it there if it's also editable? Does it make sense to let you edit it but not see it?

That's an easy fix, you'll see it in the next RC 🙂

The vault (as part of the pair version) can certainly solve it, without the need for env vars that can be visible in certain scenarios (like you showed)

Hi SubstantialElk6 , what's your agent / ask version?

Hi just wondering if I did something wrong here. Would k8s-glue be the reason is not working? I'm purchasing the enterprise version and if vault has the same problem it'll be a big issue.

For some reason, I thought it was when the agent was executing the task, not when it prints out the configuration...

and out of curiosity, what did you think we were talking about? cos i didn't see anywhere else that might print the secrets.

Well, you're indeed running 1.0.1rc5 in there

Hi, by agent logs i suppose you meant the logs from the ClearML server console panel?