I am trying to log in to Prefect Cloud from a docker container. If I hardcode my key and workspace in my dockerfile or in the script I’m running as entrypoint I can login fine. But if I pass these in as either ARG or ENV values I can’t.
# Dockerfile FROM prefecthq/prefect:2.7.10-python3.10 ARG PREFECT_API_KEY ARG PREFECT_API_WORKSPACE # Install poetry RUN pip install --upgrade pip RUN pip install poetry # Copy the project to image COPY /src /opt/my-project/src COPY README.md pyproject.toml poetry.lock deploy.sh /opt/my-project/ WORKDIR /opt/my-project # Install packages in the system Python RUN poetry config virtualenvs.create false RUN poetry config virtualenvs.prefer-active-python true RUN poetry install --no-dev RUN prefect cloud login -k <PREFECT_API_KEY> -w <PREFECT_API_WORKSPACE> ENTRYPOINT ["./deploy.sh"]
# ./deploy.sh echo 'Deploying flows...' cd src prefect deployment apply my_first-deployment.yaml prefect deployment apply my_second-deployment.yaml cd .. exec /opt/prefect/entrypoint.sh "$@"
It doesn’t seem to matter whether I pass the variables in at the build stage as
--build-arg or at run stage with
--env-file or whether I do the cloud login in the dockerfile or in deploy.sh. If it’s hardcoded, it’s fine. If it’s passed in as a variable it doesn’t work.
If the login attempt is in the dockerfile, the terminal output looks the same whether using a variable or hardcoded, but I am only actually logged in if hardcoded. If I do it in the deploy.sh, the login attempt passing in a variable is followed by a message “This profile is already authenticated with that key.” but it isn’t logged in and the deployments do not appear on the cloud. The login attempt with hardcoded values gets “Authenticated with Prefect Cloud! Using workspace ” and the deployments are made as intended.
I can’t understand it. I don’t want to be hardcoding my API key.