application secrets in pipeline

[surajnarwade]

I am trying out dagster example in my test environment, I noticed if my application needs any environment variable from secret, I need to add that secret into user deployment as well as under env_secrets in instance configmap which is consumed by daemon.

is there a need to provide env_secrets to daemon when we are already passing this information to user deployment?

if it is really needed by daemon then, do we need to pass this secret to user deployment?

I am a bit confused here with the overall architecture, can someone please explain.

many thanks :)

[cbio-mannyschneck]

Yeah so you're not passing this to the daemon per-se. The daemon is launching your pods, and it needs to know how to launch them.

That's a configmap you're modifying there, which is why you need to bounce the daemon after applying it.

Does that make sense? I'm figuring this out as I go, so my understanding is a little raw.