Summary
The user is facing issues with the flyte-copilot-downloader
init container, which is embedding secrets into the manifest, raising concerns about sensitive information being exposed in their batch compute engine's UI. They note that even when a secret is configured in the helm chart, it is directly mounted to the datacatalog deployment, lacking awareness of Kubernetes-level secrets. The user suggests that additional context may need to be integrated, and that Flyte Copilot might require refactoring to manage environment variables effectively.
sovietaced
I opened a PR here: https://github.com/flyteorg/flyte/pull/5750
Not 100% the API signatures are ideal but yeah