ob-metaflow 2.11.14.1__py2.py3-none-any.whl → 2.11.15.2__py2.py3-none-any.whl

metaflow/cli.py

@@ -287,126 +287,6 @@ def dump(obj, input_path, private=None, max_value_size=None, include=None, file=
         echo("Artifacts written to *%s*" % file)
 
 
-@cli.command(
-    help="Show stdout/stderr produced by a task or all tasks in a step. "
-    "The format for input-path is either <run_id>/<step_name> or "
-    "<run_id>/<step_name>/<task_id>."
-)
-@click.argument("input-path")
-@click.option(
-    "--stdout/--no-stdout",
-    default=False,
-    show_default=True,
-    help="Show stdout of the task.",
-)
-@click.option(
-    "--stderr/--no-stderr",
-    default=False,
-    show_default=True,
-    help="Show stderr of the task.",
-)
-@click.option(
-    "--both/--no-both",
-    default=True,
-    show_default=True,
-    help="Show both stdout and stderr of the task.",
-)
-@click.option(
-    "--timestamps/--no-timestamps",
-    default=False,
-    show_default=True,
-    help="Show timestamps.",
-)
-@click.pass_obj
-def logs(obj, input_path, stdout=None, stderr=None, both=None, timestamps=False):
-    types = set()
-    if stdout:
-        types.add("stdout")
-        both = False
-    if stderr:
-        types.add("stderr")
-        both = False
-    if both:
-        types.update(("stdout", "stderr"))
-
-    streams = list(sorted(types, reverse=True))
-
-    # Pathspec can either be run_id/step_name or run_id/step_name/task_id.
-    parts = input_path.split("/")
-    if len(parts) == 2:
-        run_id, step_name = parts
-        task_id = None
-    elif len(parts) == 3:
-        run_id, step_name, task_id = parts
-    else:
-        raise CommandException(
-            "input_path should either be run_id/step_name "
-            "or run_id/step_name/task_id"
-        )
-
-    datastore_set = TaskDataStoreSet(
-        obj.flow_datastore, run_id, steps=[step_name], allow_not_done=True
-    )
-    if task_id:
-        ds_list = [
-            TaskDataStore(
-                obj.flow_datastore,
-                run_id=run_id,
-                step_name=step_name,
-                task_id=task_id,
-                mode="r",
-                allow_not_done=True,
-            )
-        ]
-    else:
-        ds_list = list(datastore_set)  # get all tasks
-
-    if ds_list:
-
-        def echo_unicode(line, **kwargs):
-            click.secho(line.decode("UTF-8", errors="replace"), **kwargs)
-
-        # old style logs are non mflog-style logs
-        maybe_old_style = True
-        for ds in ds_list:
-            echo(
-                "Dumping logs of run_id=*{run_id}* "
-                "step=*{step}* task_id=*{task_id}*".format(
-                    run_id=ds.run_id, step=ds.step_name, task_id=ds.task_id
-                ),
-                fg="magenta",
-            )
-
-            for stream in streams:
-                echo(stream, bold=True)
-                logs = ds.load_logs(LOG_SOURCES, stream)
-                if any(data for _, data in logs):
-                    # attempt to read new, mflog-style logs
-                    for line in mflog.merge_logs([blob for _, blob in logs]):
-                        if timestamps:
-                            ts = mflog.utc_to_local(line.utc_tstamp)
-                            tstamp = ts.strftime("%Y-%m-%d %H:%M:%S.%f")[:-3]
-                            click.secho(tstamp + " ", fg=LOGGER_TIMESTAMP, nl=False)
-                        echo_unicode(line.msg)
-                    maybe_old_style = False
-                elif maybe_old_style:
-                    # if they are not available, we may be looking at
-                    # a legacy run (unless we have seen new-style data already
-                    # for another stream). This return an empty string if
-                    # nothing is found
-                    log = ds.load_log_legacy(stream)
-                    if log and timestamps:
-                        raise CommandException(
-                            "We can't show --timestamps for old runs. Sorry!"
-                        )
-                    echo_unicode(log, nl=False)
-    else:
-        raise CommandException(
-            "No Tasks found at the given path -- "
-            "either none exist or none have started yet"
-        )
-
-
 # TODO - move step and init under a separate 'internal' subcommand
 
 

metaflow/datastore/datastore_set.py

@@ -22,7 +22,7 @@ class TaskDataStoreSet(object):
         prefetch_data_artifacts=None,
         allow_not_done=False,
     ):
-        self.task_datastores = flow_datastore.get_latest_task_datastores(
+        self.task_datastores = flow_datastore.get_task_datastores(
             run_id, steps=steps, pathspecs=pathspecs, allow_not_done=allow_not_done
         )
 

metaflow/datastore/flow_datastore.py

@@ -67,8 +67,15 @@ class FlowDataStore(object):
     def datastore_root(self):
         return self._storage_impl.datastore_root
 
-    def get_latest_task_datastores(
-        self, run_id=None, steps=None, pathspecs=None, allow_not_done=False
+    def get_task_datastores(
+        self,
+        run_id=None,
+        steps=None,
+        pathspecs=None,
+        allow_not_done=False,
+        attempt=None,
+        include_prior=False,
+        mode="r",
     ):
         """
         Return a list of TaskDataStore for a subset of the tasks.
@@ -93,6 +100,12 @@ class FlowDataStore(object):
         allow_not_done : bool, optional
             If True, returns the latest attempt of a task even if that attempt
             wasn't marked as done, by default False
+        attempt : int, optional
+            Attempt number of the tasks to return.  If not provided, returns latest attempt.
+        include_prior : boolean, default False
+            If True, returns all attempts up to and including attempt.
+        mode : str, default "r"
+            Mode to initialize the returned TaskDataStores in.
 
         Returns
         -------
@@ -126,8 +139,13 @@ class FlowDataStore(object):
                 if task.is_file is False
             ]
         urls = []
+        # parse content urls for specific attempt only, or for all attempts in max range
+        attempt_range = range(metaflow_config.MAX_ATTEMPTS)
+        # we have no reason to check for attempts greater than MAX_ATTEMPTS, as they do not exist.
+        if attempt is not None and attempt <= metaflow_config.MAX_ATTEMPTS - 1:
+            attempt_range = range(attempt + 1) if include_prior else [attempt]
         for task_url in task_urls:
-            for attempt in range(metaflow_config.MAX_ATTEMPTS):
+            for attempt in attempt_range:
                 for suffix in [
                     TaskDataStore.METADATA_DATA_SUFFIX,
                     TaskDataStore.METADATA_ATTEMPT_SUFFIX,
@@ -168,11 +186,19 @@ class FlowDataStore(object):
             for (run, step, task), attempt in latest_started_attempts.items()
         )
         if allow_not_done:
-            latest_to_fetch = latest_started_attempts
+            latest_to_fetch = (
+                done_attempts.union(latest_started_attempts)
+                if include_prior
+                else latest_started_attempts
+            )
         else:
-            latest_to_fetch = latest_started_attempts & done_attempts
+            latest_to_fetch = (
+                done_attempts
+                if include_prior
+                else (latest_started_attempts & done_attempts)
+            )
         latest_to_fetch = [
-            (v[0], v[1], v[2], v[3], data_objs.get(v), "r", allow_not_done)
+            (v[0], v[1], v[2], v[3], data_objs.get(v), mode, allow_not_done)
             for v in latest_to_fetch
         ]
         return list(itertools.starmap(self.get_task_datastore, latest_to_fetch))

metaflow/datastore/task_datastore.py

@@ -173,6 +173,26 @@ class TaskDataStore(object):
                 if data_obj is not None:
                     self._objects = data_obj.get("objects", {})
                     self._info = data_obj.get("info", {})
+        elif self._mode == "d":
+            self._objects = {}
+            self._info = {}
+
+            if self._attempt is None:
+                for i in range(metaflow_config.MAX_ATTEMPTS):
+                    check_meta = self._metadata_name_for_attempt(
+                        self.METADATA_ATTEMPT_SUFFIX, i
+                    )
+                    if self.has_metadata(check_meta, add_attempt=False):
+                        self._attempt = i
+
+            # Do not allow destructive operations on the datastore if attempt is still in flight
+            # and we explicitly did not allow operating on running tasks.
+            if not allow_not_done and not self.has_metadata(self.METADATA_DONE_SUFFIX):
+                raise DataException(
+                    "No completed attempts of the task was found for task '%s'"
+                    % self._path
+                )
+
         else:
             raise DataException("Unknown datastore mode: '%s'" % self._mode)
 
@@ -750,6 +770,36 @@ class TaskDataStore(object):
                 to_store_dict[n] = data
         self._save_file(to_store_dict)
 
+    @require_mode("d")
+    def scrub_logs(self, logsources, stream, attempt_override=None):
+        path_logsources = {
+            self._metadata_name_for_attempt(
+                self._get_log_location(s, stream),
+                attempt_override=attempt_override,
+            ): s
+            for s in logsources
+        }
+
+        # Legacy log paths
+        legacy_log = self._metadata_name_for_attempt(
+            "%s.log" % stream, attempt_override
+        )
+        path_logsources[legacy_log] = stream
+
+        existing_paths = [
+            path
+            for path in path_logsources.keys()
+            if self.has_metadata(path, add_attempt=False)
+        ]
+
+        # Replace log contents with [REDACTED source stream]
+        to_store_dict = {
+            path: bytes("[REDACTED %s %s]" % (path_logsources[path], stream), "utf-8")
+            for path in existing_paths
+        }
+
+        self._save_file(to_store_dict, add_attempt=False, allow_overwrite=True)
+
     @require_mode("r")
     def load_log_legacy(self, stream, attempt_override=None):
         """

metaflow/metaflow_config.py

@@ -154,6 +154,13 @@ AWS_SECRETS_MANAGER_DEFAULT_REGION = from_conf("AWS_SECRETS_MANAGER_DEFAULT_REGI
 # - "projects/1234567890/secrets/foo-" -> "projects/1234567890/secrets/foo-mysecret"
 GCP_SECRET_MANAGER_PREFIX = from_conf("GCP_SECRET_MANAGER_PREFIX")
 
+# Secrets Backend - Azure Key Vault prefix. With this, users don't have to
+# specify the full https:// vault url in the @secret decorator.
+#
+# It does not make a difference if the prefix ends in a / or not. We will handle either
+# case correctly.
+AZURE_KEY_VAULT_PREFIX = from_conf("AZURE_KEY_VAULT_PREFIX")
+
 # The root directory to save artifact pulls in, when using S3 or Azure
 ARTIFACT_LOCALROOT = from_conf("ARTIFACT_LOCALROOT", os.getcwd())
 
@@ -471,6 +478,7 @@ def get_pinned_conda_libs(python_version, datastore_type):
     elif datastore_type == "azure":
         pins["azure-identity"] = ">=1.10.0"
         pins["azure-storage-blob"] = ">=12.12.0"
+        pins["azure-keyvault-secrets"] = ">=4.8.0"
     elif datastore_type == "gs":
         pins["google-cloud-storage"] = ">=2.5.0"
         pins["google-auth"] = ">=2.11.0"

metaflow/metaflow_environment.py

@@ -124,7 +124,7 @@ class MetaflowEnvironment(object):
             cmds.append("%s -m pip install awscli boto3" % self._python())
         elif datastore_type == "azure":
             cmds.append(
-                "%s -m pip install azure-identity azure-storage-blob simple-azure-blob-downloader -qqq"
+                "%s -m pip install azure-identity azure-storage-blob azure-keyvault-secrets simple-azure-blob-downloader -qqq"
                 % self._python()
             )
         elif datastore_type == "gs":

metaflow/plugins/__init__.py

@@ -14,6 +14,7 @@ CLIS_DESC = [
     ("argo-workflows", ".argo.argo_workflows_cli.cli"),
     ("card", ".cards.card_cli.cli"),
     ("tag", ".tag_cli.cli"),
+    ("logs", ".logs_cli.cli"),
 ]
 
 from .test_unbounded_foreach_decorator import InternalTestUnboundedForeachInput
@@ -124,6 +125,10 @@ SECRETS_PROVIDERS_DESC = [
         "gcp-secret-manager",
         ".gcp.gcp_secret_manager_secrets_provider.GcpSecretManagerSecretsProvider",
     ),
+    (
+        "az-key-vault",
+        ".azure.azure_secret_manager_secrets_provider.AzureKeyVaultSecretsProvider",
+    ),
 ]
 
 AZURE_CLIENT_PROVIDERS_DESC = [

metaflow/plugins/airflow/airflow.py

@@ -32,6 +32,7 @@ from metaflow.metaflow_config import (
     S3_ENDPOINT_URL,
     SERVICE_HEADERS,
     SERVICE_INTERNAL_URL,
+    AZURE_KEY_VAULT_PREFIX,
 )
 
 from metaflow.metaflow_config_funcs import config_values
@@ -412,6 +413,9 @@ class Airflow(object):
         if GCP_SECRET_MANAGER_PREFIX:
             env["METAFLOW_GCP_SECRET_MANAGER_PREFIX"] = GCP_SECRET_MANAGER_PREFIX
 
+        if AZURE_KEY_VAULT_PREFIX:
+            env["METAFLOW_AZURE_KEY_VAULT_PREFIX"] = AZURE_KEY_VAULT_PREFIX
+
         env.update(additional_mf_variables)
 
         service_account = (

metaflow/plugins/argo/argo_workflows.py

@@ -33,6 +33,7 @@ from metaflow.metaflow_config import (
     DEFAULT_METADATA,
     DEFAULT_SECRETS_BACKEND_TYPE,
     GCP_SECRET_MANAGER_PREFIX,
+    AZURE_KEY_VAULT_PREFIX,
     KUBERNETES_FETCH_EC2_METADATA,
     KUBERNETES_LABELS,
     KUBERNETES_NAMESPACE,
@@ -1420,6 +1421,7 @@ class ArgoWorkflows(object):
                 "METAFLOW_AWS_SECRETS_MANAGER_DEFAULT_REGION"
             ] = AWS_SECRETS_MANAGER_DEFAULT_REGION
             env["METAFLOW_GCP_SECRET_MANAGER_PREFIX"] = GCP_SECRET_MANAGER_PREFIX
+            env["METAFLOW_AZURE_KEY_VAULT_PREFIX"] = AZURE_KEY_VAULT_PREFIX
 
             # support for Azure
             env[

metaflow/plugins/aws/batch/batch_cli.py

@@ -10,7 +10,7 @@ from metaflow.exception import CommandException, METAFLOW_EXIT_DISALLOW_RETRY
 from metaflow.metadata.util import sync_local_metadata_from_datastore
 from metaflow.metaflow_config import DATASTORE_LOCAL_DIR
 from metaflow.mflog import TASK_LOG_SOURCE
-
+from metaflow.unbounded_foreach import UBF_CONTROL, UBF_TASK
 from .batch import Batch, BatchKilledException
 
 
@@ -150,8 +150,10 @@ def kill(ctx, run_id, user, my_runs):
 @click.option("--tmpfs-tempdir", is_flag=True, help="tmpfs requirement for AWS Batch.")
 @click.option("--tmpfs-size", help="tmpfs requirement for AWS Batch.")
 @click.option("--tmpfs-path", help="tmpfs requirement for AWS Batch.")
-# TODO: Maybe remove it altogether since it's not used here
-@click.option("--ubf-context", default=None, type=click.Choice([None, "ubf_control"]))
+# NOTE: ubf-context is not explicitly used, but @parallel decorator tries to pass this so keep it for now
+@click.option(
+    "--ubf-context", default=None, type=click.Choice(["none", UBF_CONTROL, UBF_TASK])
+)
 @click.option("--host-volumes", multiple=True)
 @click.option("--efs-volumes", multiple=True)
 @click.option(
@@ -344,7 +346,7 @@ def step(
                 log_options=log_options,
                 num_parallel=num_parallel,
             )
-    except Exception as e:
+    except Exception:
         traceback.print_exc()
         _sync_metadata()
         sys.exit(METAFLOW_EXIT_DISALLOW_RETRY)

metaflow/plugins/azure/azure_exceptions.py

@@ -10,4 +10,4 @@ class MetaflowAzureResourceError(MetaflowException):
 
 
 class MetaflowAzurePackageError(MetaflowException):
-    headline = "Missing required packages 'azure-identity' and 'azure-storage-blob'"
+    headline = "Missing required packages 'azure-identity' and 'azure-storage-blob' and 'azure-keyvault-secrets'"

metaflow/plugins/azure/azure_secret_manager_secrets_provider.py

@@ -0,0 +1,236 @@
+from metaflow.plugins.secrets import SecretsProvider
+import re
+import base64
+import codecs
+from urllib.parse import urlparse
+from metaflow.exception import MetaflowException
+import sys
+from metaflow.metaflow_config import AZURE_KEY_VAULT_PREFIX
+from metaflow.plugins.azure.azure_credential import (
+    create_cacheable_azure_credential,
+)
+
+
+class MetaflowAzureKeyVaultBadVault(MetaflowException):
+    """Raised when the secretid is fully qualified but does not have the right key vault domain"""
+
+
+class MetaflowAzureKeyVaultBadSecretType(MetaflowException):
+    """Raised when the secret type is anything except secrets"""
+
+
+class MetaflowAzureKeyVaultBadSecretPath(MetaflowException):
+    """Raised when the secret path does not match to expected length"""
+
+
+class MetaflowAzureKeyVaultBadSecretName(MetaflowException):
+    """Raised when the secret name does not match expected pattern"""
+
+
+class MetaflowAzureKeyVaultBadSecretVersion(MetaflowException):
+    """Raised when the secret version does not match expected pattern"""
+
+
+class MetaflowAzureKeyVaultBadSecret(MetaflowException):
+    """Raised when the secret does not match supported patterns in Metaflow"""
+
+
+class AzureKeyVaultSecretsProvider(SecretsProvider):
+    TYPE = "az-key-vault"
+    key_vault_domains = [
+        ".vault.azure.net",
+        ".vault.azure.cn",
+        ".vault.usgovcloudapi.net",
+        ".vault.microsoftazure.de",
+    ]
+    supported_vault_object_types = ["secrets"]
+
+    # https://learn.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates has details on vault name structure
+    # Vault name and Managed HSM pool name must be a 3-24 character string, containing only 0-9, a-z, A-Z, and not consecutive -.
+    def _is_valid_vault_name(self, vault_name):
+        vault_name_pattern = r"^(?!.*--)[a-zA-Z0-9-]{3,24}$"
+        return re.match(vault_name_pattern, vault_name) is not None
+
+    # The type of the object can be, "keys", "secrets", or "certificates".
+    # Currently only secrets will be supported
+    def _is_valid_object_type(self, secret_type):
+        for type in self.supported_vault_object_types:
+            if secret_type == type:
+                return True
+        return False
+
+    # The secret name must be a 1-127 character string, starting with a letter and containing only 0-9, a-z, A-Z, and -.
+    def _is_valid_secret_name(self, secret_name):
+        secret_name_pattern = r"^[a-zA-Z][a-zA-Z0-9-]{0,126}$"
+        return re.match(secret_name_pattern, secret_name) is not None
+
+    # An object-version is a system-generated, 32 character string identifier that is optionally used to address a unique version of an object.
+    def _is_valid_object_version(self, secret_version):
+        object_version_pattern = r"^[a-zA-Z0-9]{32}$"
+        return re.match(object_version_pattern, secret_version) is not None
+
+    # This function will check if the secret_id is fully qualified url. It will return True iff the secret_id is of the form:
+    # https://myvault.vault.azure.net/secrets/mysecret/ec96f02080254f109c51a1f14cdb1931 OR
+    # https://myvault.vault.azure.net/secrets/mysecret/
+    # validating the above as per recommendations in https://devblogs.microsoft.com/azure-sdk/guidance-for-applications-using-the-key-vault-libraries/
+    def _is_secret_id_fully_qualified_url(self, secret_id):
+        # if the secret_id is None/empty/does not start with https then return false
+        if secret_id is None or secret_id == "" or not secret_id.startswith("https://"):
+            return False
+        try:
+            parsed_vault_url = urlparse(secret_id)
+        except ValueError:
+            print(f"invalid vault url", file=sys.stderr)
+            return False
+        hostname = parsed_vault_url.netloc
+
+        k_v_domain_found = False
+        actual_k_v_domain = ""
+        for k_v_domain in self.key_vault_domains:
+            if k_v_domain in hostname:
+                k_v_domain_found = True
+                actual_k_v_domain = k_v_domain
+                break
+        if not k_v_domain_found:
+            # the secret_id started with https:// however the key_vault_domains
+            # were not present in the secret_id which means
+            raise MetaflowAzureKeyVaultBadVault(f"bad key vault domain {secret_id}")
+
+        # given the secret_id seems to have a valid key vault domain
+        # lets verify that the vault name corresponds to its regex.
+        vault_name = hostname[: -len(actual_k_v_domain)]
+        # verify the vault name pattern
+        if not self._is_valid_vault_name(vault_name):
+            raise MetaflowAzureKeyVaultBadVault(f"bad key vault name {vault_name}")
+
+        path_parts = parsed_vault_url.path.strip("/").split("/")
+        total_path_parts = len(path_parts)
+        if total_path_parts < 2 or total_path_parts > 3:
+            raise MetaflowAzureKeyVaultBadSecretPath(
+                f"bad secret uri path {path_parts}"
+            )
+
+        object_type = path_parts[0]
+        if not self._is_valid_object_type(object_type):
+            raise MetaflowAzureKeyVaultBadSecretType(f"bad secret type {object_type}")
+
+        secret_name = path_parts[1]
+        if not self._is_valid_secret_name(secret_name=secret_name):
+            raise MetaflowAzureKeyVaultBadSecretName(f"bad secret name {secret_name}")
+
+        if total_path_parts == 3:
+            if not self._is_valid_object_version(path_parts[2]):
+                raise MetaflowAzureKeyVaultBadSecretVersion(
+                    f"bad secret version {path_parts[2]}"
+                )
+
+        return True
+
+    # This function will validate the correctness of the partial secret id.
+    # It will attempt to construct the fully qualified secret URL internally and
+    # call the _is_secret_id_fully_qualified_url to check validity
+    def _is_partial_secret_valid(self, secret_id):
+        secret_parts = secret_id.strip("/").split("/")
+        total_secret_parts = len(secret_parts)
+        if total_secret_parts < 1 or total_secret_parts > 2:
+            return False
+
+        # since the secret_id is supposedly a partial id, the AZURE_KEY_VAULT_PREFIX
+        # must be set.
+        if not AZURE_KEY_VAULT_PREFIX:
+            raise ValueError(
+                f"cannot use simple secret id without setting METAFLOW_AZURE_KEY_VAULT_PREFIX. {AZURE_KEY_VAULT_PREFIX}"
+            )
+        domain = AZURE_KEY_VAULT_PREFIX.rstrip("/")
+        full_secret = f"{domain}/secrets/{secret_id}"
+        if not self._is_secret_id_fully_qualified_url(full_secret):
+            return False
+
+        return True
+
+    def _sanitize_key_as_env_var(self, key):
+        """
+        Sanitize a key as an environment variable name.
+        This is purely a convenience trade-off to cover common cases well, vs. introducing
+        ambiguities (e.g. did the final '_' come from '.', or '-' or is original?).
+
+        1/27/2023(jackie):
+
+        We start with few rules and should *sparingly* add more over time.
+        Also, it's TBD whether all possible providers will share the same sanitization logic.
+        Therefore we will keep this function private for now
+        """
+        return key.replace("-", "_").replace(".", "_").replace("/", "_")
+
+    def get_secret_as_dict(self, secret_id, options={}, role=None):
+        # https://learn.microsoft.com/en-us/azure/app-service/app-service-key-vault-references?tabs=azure-cli has a lot of details on
+        # the patterns used in key vault
+        # Vault names and Managed HSM pool names are selected by the user and are globally unique.
+        # Vault name and Managed HSM pool name must be a 3-24 character string, containing only 0-9, a-z, A-Z, and not consecutive -.
+        # object-type	The type of the object. As of 05/08/24 only "secrets", are supported
+        # object-name	An object-name is a user provided name for and must be unique within a key vault. The name must be a 1-127 character string, starting with a letter and containing only 0-9, a-z, A-Z, and -.
+        # object-version	An object-version is a system-generated, 32 character string identifier that is optionally used to address a unique version of an object.
+
+        # We allow these forms of secret_id:
+        #
+        # 1. Full path like https://<key-vault-name><.vault-domain>/secrets/<secret-name>/<secret-version>. This is what you
+        # see in Azure portal and is easy to copy paste.
+        #
+        # 2. Full path but without the version like https://<key-vault-name><.vault-domain>/secrets/<secret-name>
+        #
+        # 3. Simple string like mysecret. This corresponds to the SecretName.
+        #
+        # 4. Simple string with <secret-name>/<secret-version> suffix like mysecret/123
+
+        # The latter two forms require METAFLOW_AZURE_KEY_VAULT_PREFIX to be set.
+
+        # if the secret_id is None/empty/does not start with https then return false
+        if secret_id is None or secret_id == "":
+            raise MetaflowAzureKeyVaultBadSecret(f"empty secret id is not supported")
+
+        # check if the passed in secret is a short-form ( #3/#4 in the above comment)
+        if not secret_id.startswith("https://"):
+            # check if the secret_id is of form `secret_name` OR `secret_name/secret_version`
+            if not self._is_partial_secret_valid(secret_id=secret_id):
+                raise MetaflowAzureKeyVaultBadSecret(
+                    f"unsupported partial secret {secret_id}"
+                )
+
+            domain = AZURE_KEY_VAULT_PREFIX.rstrip("/")
+            full_secret = f"{domain}/secrets/{secret_id}"
+
+        # if the secret id is passed as a URL - then check if the url is fully qualified
+        if secret_id.startswith("https://"):
+            if not self._is_secret_id_fully_qualified_url(secret_id=secret_id):
+                raise MetaflowException(f"unsupported secret {secret_id}")
+            full_secret = secret_id
+
+        # at this point I know that the secret URL is good so we can start creating the Secret Client
+        az_credentials = create_cacheable_azure_credential()
+        res = urlparse(full_secret)
+        az_vault_url = f"{res.scheme}://{res.netloc}"  # https://myvault.vault.azure.net
+        secret_data = res.path.strip("/").split("/")[1:]
+        secret_name = secret_data[0]
+        secret_version = None
+        if len(secret_data) > 1:
+            secret_version = secret_data[1]
+
+        from azure.keyvault.secrets import SecretClient
+
+        client = SecretClient(vault_url=az_vault_url, credential=az_credentials)
+
+        key_vault_secret_val = client.get_secret(
+            name=secret_name, version=secret_version
+        )
+
+        result = {}
+
+        if options.get("env_var_name") is not None:
+            env_var_name = options["env_var_name"]
+            sanitized_key = self._sanitize_key_as_env_var(env_var_name)
+        else:
+            sanitized_key = self._sanitize_key_as_env_var(key_vault_secret_val.name)
+
+        response_payload = key_vault_secret_val.value
+        result[sanitized_key] = response_payload
+        return result

metaflow/plugins/datatools/s3/s3.py

@@ -1245,12 +1245,12 @@ class S3(object):
 
         def _store():
             for key_obj in key_objs:
-                if isinstance(key_obj, tuple):
-                    key = key_obj[0]
-                    obj = key_obj[1]
-                else:
+                if isinstance(key_obj, S3PutObject):
                     key = key_obj.key
                     obj = key_obj.value
+                else:
+                    key = key_obj[0]
+                    obj = key_obj[1]
                 store_info = {
                     "key": key,
                     "content_type": getattr(key_obj, "content_type", None),
@@ -1319,12 +1319,12 @@ class S3(object):
 
         def _check():
             for key_path in key_paths:
-                if isinstance(key_path, tuple):
-                    key = key_path[0]
-                    path = key_path[1]
-                else:
+                if isinstance(key_path, S3PutObject):
                     key = key_path.key
                     path = key_path.path
+                else:
+                    key = key_path[0]
+                    path = key_path[1]
                 store_info = {
                     "key": key,
                     "content_type": getattr(key_path, "content_type", None),

metaflow/plugins/kubernetes/kubernetes.py

@@ -32,6 +32,7 @@ from metaflow.metaflow_config import (
     DEFAULT_METADATA,
     DEFAULT_SECRETS_BACKEND_TYPE,
     GCP_SECRET_MANAGER_PREFIX,
+    AZURE_KEY_VAULT_PREFIX,
     KUBERNETES_FETCH_EC2_METADATA,
     KUBERNETES_LABELS,
     KUBERNETES_SANDBOX_INIT_SCRIPT,
@@ -261,6 +262,9 @@ class Kubernetes(object):
             .environment_variable(
                 "METAFLOW_GCP_SECRET_MANAGER_PREFIX", GCP_SECRET_MANAGER_PREFIX
             )
+            .environment_variable(
+                "METAFLOW_AZURE_KEY_VAULT_PREFIX", AZURE_KEY_VAULT_PREFIX
+            )
             .environment_variable("METAFLOW_S3_ENDPOINT_URL", S3_ENDPOINT_URL)
             .environment_variable(
                 "METAFLOW_AZURE_STORAGE_BLOB_SERVICE_ENDPOINT",

metaflow/plugins/logs_cli.py

@@ -0,0 +1,358 @@
+from metaflow._vendor import click
+from metaflow.cli import LOGGER_TIMESTAMP
+
+from ..exception import CommandException
+from ..datastore import TaskDataStoreSet, TaskDataStore
+
+
+from ..mflog import mflog, LOG_SOURCES
+
+# main motivation from https://github.com/pallets/click/issues/430
+# in order to support a default command being called for a Click group.
+#
+# NOTE: We need this in order to not introduce breaking changes to existing CLI, as we wanted to
+# nest both existing `logs` and the new `logs scrub` under a shared group, but `logs` already has
+# a well defined behavior of showing the logs.
+class CustomGroup(click.Group):
+    def __init__(self, name=None, commands=None, default_cmd=None, **attrs):
+        super(CustomGroup, self).__init__(name, commands, **attrs)
+        self.default_cmd = default_cmd
+
+    def get_command(self, ctx, cmd_name):
+        if cmd_name not in self.list_commands(ctx):
+            # input from the CLI does not match a command, so we pass that
+            # as the args to the default command instead.
+            ctx.passed_cmd = cmd_name
+            cmd_name = self.default_cmd
+        return super(CustomGroup, self).get_command(ctx, cmd_name)
+
+    def parse_args(self, ctx, args):
+        # We first try to parse args as is, to determine whether we need to fall back to the default commmand
+        # if any options are supplied, the parse will fail, as the group does not support the options.
+        # In this case we fallback to the default command, inserting that as the first arg and parsing again.
+        # copy args as trying to parse will destroy them.
+        original_args = list(args)
+        try:
+            super().parse_args(ctx, args)
+            args_parseable = True
+        except Exception:
+            args_parseable = False
+        if not args or not args_parseable:
+            original_args.insert(0, self.default_cmd)
+        return super().parse_args(ctx, original_args)
+
+    def resolve_command(self, ctx, args):
+        cmd_name, cmd_obj, args = super(CustomGroup, self).resolve_command(ctx, args)
+        passed_cmd = getattr(ctx, "passed_cmd", None)
+        if passed_cmd is not None:
+            args.insert(0, passed_cmd)
+
+        return cmd_name, cmd_obj, args
+
+    def format_commands(self, ctx, formatter):
+        formatter = CustomFormatter(self.default_cmd, formatter)
+        return super(CustomGroup, self).format_commands(ctx, formatter)
+
+
+class CustomFormatter:
+    def __init__(self, default_cmd, original_formatter) -> None:
+        self.default_cmd = default_cmd
+        self.formatter = original_formatter
+
+    def __getattr__(self, name):
+        return getattr(self.formatter, name)
+
+    def write_dl(self, rows):
+        def _format(dup):
+            cmd, help = dup
+            if cmd == self.default_cmd:
+                cmd = cmd + " [Default]"
+            return (cmd, help)
+
+        rows = [_format(dup) for dup in rows]
+
+        return self.formatter.write_dl(rows)
+
+
+@click.group()
+def cli():
+    pass
+
+
+@cli.group(cls=CustomGroup, help="Commands related to logs", default_cmd="show")
+@click.pass_context
+def logs(ctx):
+    # the logger is configured in cli.py
+    global echo
+    echo = ctx.obj.echo
+
+
+@logs.command(
+    help="Show stdout/stderr produced by a task or all tasks in a step. "
+    "The format for input-path is either <run_id>/<step_name> or "
+    "<run_id>/<step_name>/<task_id>."
+)
+@click.argument("input-path")
+@click.option(
+    "--stdout/--no-stdout",
+    default=False,
+    show_default=True,
+    help="Show stdout of the task.",
+)
+@click.option(
+    "--stderr/--no-stderr",
+    default=False,
+    show_default=True,
+    help="Show stderr of the task.",
+)
+@click.option(
+    "--both/--no-both",
+    default=True,
+    show_default=True,
+    help="Show both stdout and stderr of the task.",
+)
+@click.option(
+    "--timestamps/--no-timestamps",
+    default=False,
+    show_default=True,
+    help="Show timestamps.",
+)
+@click.option(
+    "--attempt",
+    default=None,
+    type=int,
+    show_default=False,
+    help="Attempt number of a task to show, defaults to the latest attempt.",
+)
+@click.pass_obj
+def show(
+    obj, input_path, stdout=None, stderr=None, both=None, timestamps=False, attempt=None
+):
+    types = set()
+    if stdout:
+        types.add("stdout")
+        both = False
+    if stderr:
+        types.add("stderr")
+        both = False
+    if both:
+        types.update(("stdout", "stderr"))
+
+    streams = list(sorted(types, reverse=True))
+
+    # Pathspec can either be run_id/step_name or run_id/step_name/task_id.
+    parts = input_path.split("/")
+    if len(parts) == 2:
+        run_id, step_name = parts
+        task_id = None
+    elif len(parts) == 3:
+        run_id, step_name, task_id = parts
+    else:
+        raise CommandException(
+            "input_path should either be run_id/step_name "
+            "or run_id/step_name/task_id"
+        )
+
+    datastore_set = TaskDataStoreSet(
+        obj.flow_datastore, run_id, steps=[step_name], allow_not_done=True
+    )
+    if task_id:
+        ds_list = [
+            TaskDataStore(
+                obj.flow_datastore,
+                run_id=run_id,
+                step_name=step_name,
+                task_id=task_id,
+                mode="r",
+                allow_not_done=True,
+            )
+        ]
+    else:
+        ds_list = list(datastore_set)  # get all tasks
+
+    if ds_list:
+
+        def echo_unicode(line, **kwargs):
+            click.secho(line.decode("UTF-8", errors="replace"), **kwargs)
+
+        # old style logs are non mflog-style logs
+        maybe_old_style = True
+        for ds in ds_list:
+            echo(
+                "Dumping logs of run_id=*{run_id}* "
+                "step=*{step}* task_id=*{task_id}*".format(
+                    run_id=ds.run_id, step=ds.step_name, task_id=ds.task_id
+                ),
+                fg="magenta",
+            )
+
+            for stream in streams:
+                echo(stream, bold=True)
+                logs = ds.load_logs(LOG_SOURCES, stream, attempt_override=attempt)
+                if any(data for _, data in logs):
+                    # attempt to read new, mflog-style logs
+                    for line in mflog.merge_logs([blob for _, blob in logs]):
+                        if timestamps:
+                            ts = mflog.utc_to_local(line.utc_tstamp)
+                            tstamp = ts.strftime("%Y-%m-%d %H:%M:%S.%f")[:-3]
+                            click.secho(tstamp + " ", fg=LOGGER_TIMESTAMP, nl=False)
+                        echo_unicode(line.msg)
+                    maybe_old_style = False
+                elif maybe_old_style:
+                    # if they are not available, we may be looking at
+                    # a legacy run (unless we have seen new-style data already
+                    # for another stream). This return an empty string if
+                    # nothing is found
+                    log = ds.load_log_legacy(stream, attempt_override=attempt)
+                    if log and timestamps:
+                        raise CommandException(
+                            "We can't show --timestamps for old runs. Sorry!"
+                        )
+                    echo_unicode(log, nl=False)
+    else:
+        raise CommandException(
+            "No Tasks found at the given path -- "
+            "either none exist or none have started yet"
+        )
+
+
+@logs.command(
+    help="Scrub stdout/stderr produced by a task or all tasks in a step. "
+    "The format for input-path is either <run_id>/<step_name> or "
+    "<run_id>/<step_name>/<task_id>."
+)
+@click.argument("input-path")
+@click.option(
+    "--stdout/--no-stdout",
+    default=False,
+    show_default=True,
+    help="Scrub stdout of the step or task.",
+)
+@click.option(
+    "--stderr/--no-stderr",
+    default=False,
+    show_default=True,
+    help="Scrub stderr of the step or task.",
+)
+@click.option(
+    "--both/--no-both",
+    default=True,
+    show_default=True,
+    help="Scrub both stdout and stderr of the step or task.",
+)
+@click.option(
+    "--attempt",
+    default=None,
+    type=int,
+    show_default=False,
+    help="Attempt number of a task to scrub, defaults to the latest attempt.",
+)
+@click.option(
+    "--latest/--all",
+    default=True,
+    show_default=False,
+    help="Scrub latest/all attempts of a step or task",
+)
+@click.option(
+    "--include-not-done",
+    default=False,
+    show_default=False,
+    is_flag=True,
+    help="Also scrub steps or tasks that are not done. Use this for tasks that did not finish correctly, and could not otherwise be scrubbed.",
+)
+@click.pass_obj
+def scrub(
+    obj,
+    input_path,
+    stdout=None,
+    stderr=None,
+    both=None,
+    attempt=None,
+    latest=None,
+    include_not_done=None,
+):
+    types = set()
+    if stdout:
+        types.add("stdout")
+        both = False
+    if stderr:
+        types.add("stderr")
+        both = False
+    if both:
+        types.update(("stdout", "stderr"))
+
+    streams = list(sorted(types, reverse=True))
+
+    # Pathspec can either be run_id/step_name or run_id/step_name/task_id.
+    parts = input_path.split("/")
+    if len(parts) == 2:
+        run_id, step_name = parts
+        task_id = None
+    elif len(parts) == 3:
+        run_id, step_name, task_id = parts
+    else:
+        raise CommandException(
+            "input_path should either be run_id/step_name "
+            "or run_id/step_name/task_id"
+        )
+
+    if task_id:
+        if latest:
+            ds_list = obj.flow_datastore.get_task_datastores(
+                pathspecs=[input_path],
+                attempt=attempt,
+                mode="d",
+                allow_not_done=include_not_done,
+            )
+        else:
+            ds_list = obj.flow_datastore.get_task_datastores(
+                pathspecs=[input_path],
+                attempt=attempt,
+                mode="d",
+                allow_not_done=include_not_done,
+                include_prior=True,
+            )
+    else:
+        if latest:
+            ds_list = obj.flow_datastore.get_task_datastores(
+                run_id=run_id,
+                steps=[step_name],
+                attempt=attempt,
+                mode="d",
+                allow_not_done=include_not_done,
+            )
+        else:
+            ds_list = obj.flow_datastore.get_task_datastores(
+                run_id=run_id,
+                steps=[step_name],
+                attempt=attempt,
+                mode="d",
+                allow_not_done=include_not_done,
+                include_prior=True,
+            )
+
+    if ds_list:
+        for ds in ds_list:
+            failures = []
+            for stream in streams:
+                try:
+                    ds.scrub_logs(LOG_SOURCES, stream)
+                except Exception:
+                    failures.append(stream)
+            if failures:
+                obj.echo_always(
+                    "Failed to scrub %s - attempt %s : *%s*"
+                    % (ds.pathspec, ds.attempt, ",".join(failures))
+                )
+            else:
+                echo(
+                    "Logs have been scrubbed for %s - attempt %s"
+                    % (ds.pathspec, ds.attempt)
+                )
+
+    else:
+        raise CommandException(
+            "No Tasks found at the given path -- "
+            "either none exist or they have not finished yet.\n"
+            "If you know the task has finished, you can supply --include-not-done to force scrub it."
+        )

metaflow/version.py

@@ -1 +1 @@
-metaflow_version = "2.11.14.1"
+metaflow_version = "2.11.15.2"

{ob_metaflow-2.11.14.1.dist-info → ob_metaflow-2.11.15.2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: ob-metaflow
-Version: 2.11.14.1
+Version: 2.11.15.2
 Summary: Metaflow: More Data Science, Less Engineering
 Author: Netflix, Outerbounds & the Metaflow Community
 Author-email: help@outerbounds.co
@@ -12,7 +12,7 @@ Requires-Dist: boto3
 Requires-Dist: pylint
 Requires-Dist: kubernetes
 Provides-Extra: stubs
-Requires-Dist: ob-metaflow-stubs ==2.11.14.1 ; extra == 'stubs'
+Requires-Dist: ob-metaflow-stubs ==2.11.15.2 ; extra == 'stubs'
 
 ![Metaflow_Logo_Horizontal_FullColor_Ribbon_Dark_RGB](https://user-images.githubusercontent.com/763451/89453116-96a57e00-d713-11ea-9fa6-82b29d4d6eff.png)
 

{ob_metaflow-2.11.14.1.dist-info → ob_metaflow-2.11.15.2.dist-info}/RECORD

@@ -1,7 +1,7 @@
 metaflow/R.py,sha256=bNcXXpGOe5wquzTRGyU0KS9gJMz7HceKjXxammYPUE0,3841
 metaflow/__init__.py,sha256=3xaDoR_uEUnf4lzQMR6Akj2IctN03nlOvTKBzFHsiAA,6028
 metaflow/cards.py,sha256=tP1_RrtmqdFh741pqE4t98S7SA0MtGRlGvRICRZF1Mg,426
-metaflow/cli.py,sha256=t8BpXpfr1UtjegySI6ydz6w7TaAyYmwZjbk6K2ZB-ns,35313
+metaflow/cli.py,sha256=2igissDxlfN7f3Bfm0urjL7xtUJJE6jasEJir3OJfsw,31392
 metaflow/cli_args.py,sha256=lcgBGNTvfaiPxiUnejAe60Upt9swG6lRy1_3OqbU6MY,2616
 metaflow/clone_util.py,sha256=ar4jSZt2aTd4monBpkIQmcLcsOd0relAB42qTUGt2j8,1810
 metaflow/cmd_with_io.py,sha256=kl53HkAIyv0ecpItv08wZYczv7u3msD1VCcciqigqf0,588
@@ -15,10 +15,10 @@ metaflow/graph.py,sha256=ZPxyG8uwVMk5YYgX4pQEQaPZtZM5Wy-G4NtJK73IEuA,11818
 metaflow/includefile.py,sha256=yHczcZ_U0SrasxSNhZb3DIBzx8UZnrJCl3FzvpEQLOA,19753
 metaflow/integrations.py,sha256=LlsaoePRg03DjENnmLxZDYto3NwWc9z_PtU6nJxLldg,1480
 metaflow/lint.py,sha256=_kYAbAtsP7IG1Rd0FqNbo8I8Zs66_0WXbaZJFARO3dE,10394
-metaflow/metaflow_config.py,sha256=GgzzL_CwZdNfdAen3iy_0RmwqNXrl4hxx9t6DBhgRcU,21117
+metaflow/metaflow_config.py,sha256=XEn3iYMP6c7lleymgBjpfCsYLMR9T2nsx-KiHy5iUcI,21477
 metaflow/metaflow_config_funcs.py,sha256=pCaiQ2ez9wXixJI3ehmf3QiW9lUqFrZnBZx1my_0wIg,4874
 metaflow/metaflow_current.py,sha256=sCENPBiji3LcPbwgOG0ukGd_yEc5tST8EowES8DzRtA,7430
-metaflow/metaflow_environment.py,sha256=XiMmBZiq3_dwaw0Oi3B8588BahYxzgfqWGMePPZqUUc,7359
+metaflow/metaflow_environment.py,sha256=RHxCI-EcTR0yh352oa13itZeDun45OVF-lOAFxB9uXo,7382
 metaflow/metaflow_profile.py,sha256=jKPEW-hmAQO-htSxb9hXaeloLacAh41A35rMZH6G8pA,418
 metaflow/metaflow_version.py,sha256=mPQ6g_3XjNdi0NrxDzwlW8ZH0nMyYpwqmJ04P7TIdP0,4774
 metaflow/monitor.py,sha256=T0NMaBPvXynlJAO_avKtk8OIIRMyEuMAyF8bIp79aZU,5323
@@ -34,7 +34,7 @@ metaflow/task.py,sha256=ecGaULbK8kXPnyWzH1u6wtGclm0qeJm7K95amEL17sQ,25863
 metaflow/unbounded_foreach.py,sha256=p184WMbrMJ3xKYHwewj27ZhRUsSj_kw1jlye5gA9xJk,387
 metaflow/util.py,sha256=RrjsvADLKxSqjL76CxKh_J4OJl840B9Ak3V-vXleGas,13429
 metaflow/vendor.py,sha256=LZgXrh7ZSDmD32D1T5jj3OKKpXIqqxKzdMAOc5V0SD4,5162
-metaflow/version.py,sha256=_gxslYktBiLJ68luN6fxpsnBrMI0qbV6Xyp9YznIpgU,31
+metaflow/version.py,sha256=LJTdJuz7bbVrmaIHT0OQUmxzGPb3ovAAoEl5E7LsPTQ,31
 metaflow/_vendor/__init__.py,sha256=y_CiwUD3l4eAKvTVDZeqgVujMy31cAM1qjAB-HfI-9s,353
 metaflow/_vendor/click/__init__.py,sha256=FkyGDQ-cbiQxP_lxgUspyFYS48f2S_pTcfKPz-d_RMo,2463
 metaflow/_vendor/click/_bashcomplete.py,sha256=9J98IHQYmCAr2Jup6TDshUr5FJEen-AoQCZR0K5nKxQ,12309
@@ -98,12 +98,12 @@ metaflow/cmd/develop/stub_generator.py,sha256=fmiWmr4tXBBvIZdWVEhKvZWtG4vjyIsfre
 metaflow/cmd/develop/stubs.py,sha256=hhf1giRNNlFGB5zSZdNA8tNvnJcmotXSiNN06N3_WyA,11742
 metaflow/datastore/__init__.py,sha256=VxP6ddJt3rwiCkpiSfAhyVkUCOe1pgZZsytVEJzFmSQ,155
 metaflow/datastore/content_addressed_store.py,sha256=dCVFAr4PltlmXNVVYt7UaBGJWe6fWuicCgb68XHqLrA,7643
-metaflow/datastore/datastore_set.py,sha256=sjwcxO6ZJgZ7ief_L-TTpjoRJYIlJnGGG_WSaDRij28,2368
+metaflow/datastore/datastore_set.py,sha256=R5pwnxg1DD8kBY9vElvd2eMknrvwTyiSwvQs67_z9bc,2361
 metaflow/datastore/datastore_storage.py,sha256=7V43QuiWDQ_Q4oHw9y7Z7X9lYj3GI-LV1-xB3d2Tt5k,9038
 metaflow/datastore/exceptions.py,sha256=r7Ab5FvHIzyFh6kwiptA1lO5nLqWg0xRBoeYGefvapA,373
-metaflow/datastore/flow_datastore.py,sha256=ZG1fguspPxgFwKKJj4dHLgZl3ZdfZJDb19EWP2VlRJQ,9183
+metaflow/datastore/flow_datastore.py,sha256=kbJcOLYnvPHgJfZ_WWkD9LJSX1PHI1K6f9oVUu08A9U,10235
 metaflow/datastore/inputs.py,sha256=i43dXr2xvgtsgKMO9allgCR18bk80GeayeQFyUTH36w,449
-metaflow/datastore/task_datastore.py,sha256=aqu68A2ezS2RschhxdX4O82ofML3J6UPwYWbgo-01G8,34312
+metaflow/datastore/task_datastore.py,sha256=RWO-2p_vyJfTV9JtW2dIdt7IW7n_OD8ff43YJwetiW0,36169
 metaflow/extension_support/__init__.py,sha256=GK3P6YbIN4S7r3rbofzh4xaIJ6wsmDsE7iEMIlbXgMM,49334
 metaflow/extension_support/_empty_file.py,sha256=HENjnM4uAfeNygxMB_feCCWORFoSat9n_QwzSx2oXPw,109
 metaflow/extension_support/cmd.py,sha256=hk8iBUUINqvKCDxInKgWpum8ThiRZtHSJP7qBASHzl8,5711
@@ -118,12 +118,13 @@ metaflow/mflog/mflog.py,sha256=VebXxqitOtNAs7VJixnNfziO_i_urG7bsJ5JiB5IXgY,4370
 metaflow/mflog/save_logs.py,sha256=ZBAF4BMukw4FMAC7odpr9OI2BC_2petPtDX0ca6srC4,2352
 metaflow/mflog/save_logs_periodically.py,sha256=2Uvk9hi-zlCqXxOQoXmmjH1SCugfw6eG6w70WgfI-ho,1256
 metaflow/mflog/tee.py,sha256=wTER15qeHuiRpCkOqo-bd-r3Gj-EVlf3IvWRCA4beW4,887
-metaflow/plugins/__init__.py,sha256=CGzgHIEK8wp1609kiAOs7unl_r9oZR5bSUP0w3AwyY0,6728
+metaflow/plugins/__init__.py,sha256=A_qoolQowlEQFajlBqfYBRF9qP-hzy33749KZ4R2fgc,6881
 metaflow/plugins/catch_decorator.py,sha256=UOM2taN_OL2RPpuJhwEOA9ZALm0-hHD0XS2Hn2GUev0,4061
 metaflow/plugins/debug_logger.py,sha256=mcF5HYzJ0NQmqCMjyVUk3iAP-heroHRIiVWQC6Ha2-I,879
 metaflow/plugins/debug_monitor.py,sha256=Md5X_sDOSssN9pt2D8YcaIjTK5JaQD55UAYTcF6xYF0,1099
 metaflow/plugins/environment_decorator.py,sha256=6m9j2B77d-Ja_l_9CTJ__0O6aB2a8Qt_lAZu6UjAcUA,587
 metaflow/plugins/events_decorator.py,sha256=c2GcH6Mspbey3wBkjM5lqxaNByFOzYDQdllLpXzRNv8,18283
+metaflow/plugins/logs_cli.py,sha256=7-LxLRy8X5s4KcoMSc183cbNIJnIcedf6oWPe13-hQs,11409
 metaflow/plugins/package_cli.py,sha256=-J6D4cupHfWSZ4GEFo2yy9Je9oL3owRWm5pEJwaiqd4,1649
 metaflow/plugins/parallel_decorator.py,sha256=yrwfqdTmvEyR3YdvJiPChVOK5vjYTibC09kDs7t6_kg,4444
 metaflow/plugins/project_decorator.py,sha256=eJOe0Ea7CbUCReEhR_XQvRkhV6jyRqDxM72oZI7EMCk,5336
@@ -134,7 +135,7 @@ metaflow/plugins/tag_cli.py,sha256=O_ZI4ILwGX3xKrLewUUF-zdJjCDi3JmsTb4ow87_RuY,1
 metaflow/plugins/test_unbounded_foreach_decorator.py,sha256=cB_2OWb38eYfmbVck72ZwU0qgzi6hqJXZAxglpHU_qg,5216
 metaflow/plugins/timeout_decorator.py,sha256=GGlsnmT1F-5FDaN19pDWKhmcHaN1hstgtZRBipPPu3c,3595
 metaflow/plugins/airflow/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-metaflow/plugins/airflow/airflow.py,sha256=W4qmLY1clGuSlEf9muGM0qgk8ZbAr7P3squa9_m7ni0,32007
+metaflow/plugins/airflow/airflow.py,sha256=U7jg1fSpGcuXhBCZ9xNh492h0MhBx3EV1WpWQh6RIaI,32147
 metaflow/plugins/airflow/airflow_cli.py,sha256=fUi6IsRMi6mvL6Twrszk7rZq7_4PmdYr9evJnBpXXPc,14440
 metaflow/plugins/airflow/airflow_decorator.py,sha256=H9-QnRP4x8tSomLmmpGeuVUI48-CxHR7tlvn_ceX1Zs,1772
 metaflow/plugins/airflow/airflow_utils.py,sha256=qd6lV2X4VpCO2sLsRc35JMOU4DVz_tQacrM_wWNkQug,28865
@@ -149,7 +150,7 @@ metaflow/plugins/airflow/sensors/s3_sensor.py,sha256=JUKoGNoTCtrO9MNEneEC7ldRNwg
 metaflow/plugins/argo/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 metaflow/plugins/argo/argo_client.py,sha256=MKKhMCbWOPzf6z5zQQiyDRHHkAXcO7ipboDZDqAAvOk,15849
 metaflow/plugins/argo/argo_events.py,sha256=_C1KWztVqgi3zuH57pInaE9OzABc2NnncC-zdwOMZ-w,5909
-metaflow/plugins/argo/argo_workflows.py,sha256=vr0DUFLKUmVXS2IZRThNgqsfRyN2HQMPaPlvj9Ps3Hs,129679
+metaflow/plugins/argo/argo_workflows.py,sha256=niBAizKFjDA-PTQh-PqhSHV4KX68uL83RF2kZN-QtT4,129783
 metaflow/plugins/argo/argo_workflows_cli.py,sha256=sZTpgfmc50eT3e0qIxpVqUgWhTcYlO1HM4gU6Oaya8g,33259
 metaflow/plugins/argo/argo_workflows_decorator.py,sha256=K5t4uIk2IXPdK7v7DEjj3buSB8ikLjLycKjbZUYeiaw,6781
 metaflow/plugins/argo/generate_input_paths.py,sha256=loYsI6RFX9LlFsHb7Fe-mzlTTtRdySoOu7sYDy-uXK0,881
@@ -158,7 +159,7 @@ metaflow/plugins/aws/aws_client.py,sha256=mO8UD6pxFaOnxDb3hTP3HB7Gqb_ZxoR-76LT68
 metaflow/plugins/aws/aws_utils.py,sha256=BELrOYMURrTHksQQiNgwppP8E8oUp-9xjEKNP-NO67g,7699
 metaflow/plugins/aws/batch/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 metaflow/plugins/aws/batch/batch.py,sha256=e9ssahWM18GnipPK2sqYB-ztx9w7Eoo7YtWyEtufYxs,17787
-metaflow/plugins/aws/batch/batch_cli.py,sha256=8j5s9RMZu0aJW76GY2lQkJT5tVDzamg9G_iu1AUpW8o,11632
+metaflow/plugins/aws/batch/batch_cli.py,sha256=6PTbyajRgdy0XmjyJLBTdKdiOB84dcovQQ8sFXlJqko,11749
 metaflow/plugins/aws/batch/batch_client.py,sha256=s9ZHhxQPPoBQijLUgn6_16QOaD4-22U_44uJbp-yLkI,28565
 metaflow/plugins/aws/batch/batch_decorator.py,sha256=KUOBrJH1Rl04toRMsbh7D_ThntRZqa-_B9JUQbu8ORk,17319
 metaflow/plugins/aws/secrets_manager/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -175,7 +176,8 @@ metaflow/plugins/aws/step_functions/step_functions_client.py,sha256=DKpNwAIWElvW
 metaflow/plugins/aws/step_functions/step_functions_decorator.py,sha256=9hw_MX36RyFp6IowuAYaJzJg9UC5KCe1FNt1PcG7_J0,3791
 metaflow/plugins/azure/__init__.py,sha256=GuuhTVC-zSdyAf79a1wiERMq0Zts7fwVT7t9fAf234A,100
 metaflow/plugins/azure/azure_credential.py,sha256=JmdGEbVzgxy8ucqnQDdTTI_atyMX9WSZUw3qYOo7RhE,2174
-metaflow/plugins/azure/azure_exceptions.py,sha256=uvxE3E3nsbQq1dxCx1Yl9O54frbnMS5Elk8Z4qQ2Oh4,404
+metaflow/plugins/azure/azure_exceptions.py,sha256=NnbwpUC23bc61HZjJmeXztY0tBNn_Y_VpIpDDuYWIZ0,433
+metaflow/plugins/azure/azure_secret_manager_secrets_provider.py,sha256=O1osBCO47GPM95HzL4gSt_sjRdQyqX-oLxY8xWaPTDI,11022
 metaflow/plugins/azure/azure_tail.py,sha256=JAqV4mC42bMpR0O7m6X4cpFuh0peV1ufs_jJXrmicTc,3362
 metaflow/plugins/azure/azure_utils.py,sha256=j3kAxi2oC-fMpw8YegJvqsAwxi_m7jGPxCaeVwoBZJg,7100
 metaflow/plugins/azure/blob_service_client_factory.py,sha256=MtyPftBxrXdXMxwhKgLepG6mtlb_2BhJLG_fvbO6D14,6527
@@ -214,7 +216,7 @@ metaflow/plugins/datastores/s3_storage.py,sha256=CZdNqaKtxDXQbEg2YHyphph3hWcLIE5
 metaflow/plugins/datatools/__init__.py,sha256=ge4L16OBQLy2J_MMvoHg3lMfdm-MluQgRWoyZ5GCRnk,1267
 metaflow/plugins/datatools/local.py,sha256=67hx3O_vInERlL0aJV0Sd-jUTd_2DOw4sJ4-IyEKNKM,4213
 metaflow/plugins/datatools/s3/__init__.py,sha256=14tr9fPjN3ULW5IOfKHeG7Uhjmgm7LMtQHfz1SFv-h8,248
-metaflow/plugins/datatools/s3/s3.py,sha256=7jxoDSn4hOM4xoqdwk-xcIfBkAt3RfM-ABXA5ZW0q10,66101
+metaflow/plugins/datatools/s3/s3.py,sha256=CQynofOk0l_sJMakTDhb8IlVKqlL-Ko1fmY5mKJTbes,66113
 metaflow/plugins/datatools/s3/s3op.py,sha256=ZQFSxlaQUt-Ko_kIXMbHOKJc8q4FPXogS3xI6xsDR7Y,43390
 metaflow/plugins/datatools/s3/s3tail.py,sha256=boQjQGQMI-bvTqcMP2y7uSlSYLcvWOy7J3ZUaF78NAA,2597
 metaflow/plugins/datatools/s3/s3util.py,sha256=FgRgaVmEq7-i2dV7q8XK5w5PfFt-xJjZa8WrK8IJfdI,3769
@@ -248,7 +250,7 @@ metaflow/plugins/gcp/gs_tail.py,sha256=Jl_wvnzU7dub07A-DOAuP5FeccNIrPM-CeL1xKFs1
 metaflow/plugins/gcp/gs_utils.py,sha256=ZmIGFse1qYyvAVrwga23PQUzF6dXEDLLsZ2F-YRmvow,2030
 metaflow/plugins/gcp/includefile_support.py,sha256=vIDeR-MiJuUh-2S2pV7Z7FBkhIWwtHXaRrj76MWGRiY,3869
 metaflow/plugins/kubernetes/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-metaflow/plugins/kubernetes/kubernetes.py,sha256=5wM8_gRuyyyIv9mbX2lCePsLHoiDgJnbzYwnJy_NEoE,19233
+metaflow/plugins/kubernetes/kubernetes.py,sha256=KIRt-brcAMe7SyhecgooTxOurxF9vTL0Db37LC0reMA,19384
 metaflow/plugins/kubernetes/kubernetes_cli.py,sha256=wSByGQEaoQo1aV9kJoKYmbVVeFQVsMw9RfG4Bw2sMm8,10274
 metaflow/plugins/kubernetes/kubernetes_client.py,sha256=irATJpAob4jINkJw0zT_Xoa6JHRtYxx2IOeimlbzvPo,2373
 metaflow/plugins/kubernetes/kubernetes_decorator.py,sha256=315v32txNvgMQC8QHl1fwf9tslsESlZ8M5KY-qhjgjg,25984
@@ -300,9 +302,9 @@ metaflow/tutorials/07-worldview/README.md,sha256=5vQTrFqulJ7rWN6r20dhot9lI2sVj9W
 metaflow/tutorials/07-worldview/worldview.ipynb,sha256=ztPZPI9BXxvW1QdS2Tfe7LBuVzvFvv0AToDnsDJhLdE,2237
 metaflow/tutorials/08-autopilot/README.md,sha256=GnePFp_q76jPs991lMUqfIIh5zSorIeWznyiUxzeUVE,1039
 metaflow/tutorials/08-autopilot/autopilot.ipynb,sha256=DQoJlILV7Mq9vfPBGW-QV_kNhWPjS5n6SJLqePjFYLY,3191
-ob_metaflow-2.11.14.1.dist-info/LICENSE,sha256=nl_Lt5v9VvJ-5lWJDT4ddKAG-VZ-2IaLmbzpgYDz2hU,11343
-ob_metaflow-2.11.14.1.dist-info/METADATA,sha256=opXWlALXWsRYlogJ6rG9a-wlWGg2FZYQKJI0fAP1osc,5148
-ob_metaflow-2.11.14.1.dist-info/WHEEL,sha256=DZajD4pwLWue70CAfc7YaxT1wLUciNBvN_TTcvXpltE,110
-ob_metaflow-2.11.14.1.dist-info/entry_points.txt,sha256=IKwTN1T3I5eJL3uo_vnkyxVffcgnRdFbKwlghZfn27k,57
-ob_metaflow-2.11.14.1.dist-info/top_level.txt,sha256=v1pDHoWaSaKeuc5fKTRSfsXCKSdW1zvNVmvA-i0if3o,9
-ob_metaflow-2.11.14.1.dist-info/RECORD,,
+ob_metaflow-2.11.15.2.dist-info/LICENSE,sha256=nl_Lt5v9VvJ-5lWJDT4ddKAG-VZ-2IaLmbzpgYDz2hU,11343
+ob_metaflow-2.11.15.2.dist-info/METADATA,sha256=3vdCmlKaPQ9V9EfET5djgsF_JxUOPdIQLV1qmgbIy_Y,5148
+ob_metaflow-2.11.15.2.dist-info/WHEEL,sha256=DZajD4pwLWue70CAfc7YaxT1wLUciNBvN_TTcvXpltE,110
+ob_metaflow-2.11.15.2.dist-info/entry_points.txt,sha256=IKwTN1T3I5eJL3uo_vnkyxVffcgnRdFbKwlghZfn27k,57
+ob_metaflow-2.11.15.2.dist-info/top_level.txt,sha256=v1pDHoWaSaKeuc5fKTRSfsXCKSdW1zvNVmvA-i0if3o,9
+ob_metaflow-2.11.15.2.dist-info/RECORD,,