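azure.storage.blob._shared.authentication.AzureSigningError: Incorrect padding - Argo Workflows

Question  Votes: 0  Answers: 2

While configuring an Argo workflow to run a Python function from my Flask application to update the user group list daily, I am getting an incorrect padding error. The error log and configuration details are attached for reference.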

Error:

Traceback (most recent call last):
  File "/usr/local/lib/python3.9/site-packages/azure/storage/blob/_shared/authentication.py", line 129, in _add_authorization_header
    signature = sign_string(self.account_key, string_to_sign)
  File "/usr/local/lib/python3.9/site-packages/azure/storage/blob/_shared/__init__.py", line 45, in sign_string
    key = decode_base64_to_bytes(key)
  File "/usr/local/lib/python3.9/site-packages/azure/storage/blob/_shared/__init__.py", line 35, in decode_base64_to_bytes
    return base64.b64decode(data)
  File "/usr/local/lib/python3.9/base64.py", line 87, in b64decode
    return binascii.a2b_base64(s)
binascii.Error: Incorrect padding

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/usr/local/lib/python3.9/site-packages/***/aad.py", line 76, in aad_groups
    aad_groups = cr_blob.read_blob('***', storage_key, 'aad', 'aad_groups.csv')
  File "/usr/local/lib/python3.9/site-packages/***/data/blob.py", line 86, in read_blob
    blob_data = pd.read_csv(blob.download_blob())
  File "/usr/local/lib/python3.9/site-packages/azure/core/tracing/decorator.py", line 78, in wrapper_use_tracer
    return func(*args, **kwargs)
  File "/usr/local/lib/python3.9/site-packages/azure/storage/blob/_blob_client.py", line 914, in download_blob
    return StorageStreamDownloader(**options)
  File "/usr/local/lib/python3.9/site-packages/azure/storage/blob/_download.py", line 366, in __init__
    self._response = self._initial_request()
  File "/usr/local/lib/python3.9/site-packages/azure/storage/blob/_download.py", line 466, in _initial_request
    process_storage_error(error)
  File "/usr/local/lib/python3.9/site-packages/azure/storage/blob/_shared/response_handlers.py", line 97, in process_storage_error
    raise storage_error
  File "/usr/local/lib/python3.9/site-packages/azure/storage/blob/_download.py", line 418, in _initial_request
    location_mode, response = self._clients.blob.download(
  File "/usr/local/lib/python3.9/site-packages/azure/core/tracing/decorator.py", line 78, in wrapper_use_tracer
    return func(*args, **kwargs)
  File "/usr/local/lib/python3.9/site-packages/azure/storage/blob/_generated/operations/_blob_operations.py", line 1592, in download
    pipeline_response = self._client._pipeline.run(  # type: ignore # pylint: disable=protected-access
  File "/usr/local/lib/python3.9/site-packages/azure/core/pipeline/_base.py", line 211, in run
    return first_node.send(pipeline_request)  # type: ignore
  File "/usr/local/lib/python3.9/site-packages/azure/core/pipeline/_base.py", line 71, in send
    response = self.next.send(request)
  File "/usr/local/lib/python3.9/site-packages/azure/core/pipeline/_base.py", line 71, in send
    response = self.next.send(request)
  File "/usr/local/lib/python3.9/site-packages/azure/core/pipeline/_base.py", line 71, in send
    response = self.next.send(request)
  [Previous line repeated 2 more times]
  File "/usr/local/lib/python3.9/site-packages/azure/core/pipeline/policies/_redirect.py", line 158, in send
    response = self.next.send(request)
  File "/usr/local/lib/python3.9/site-packages/azure/core/pipeline/_base.py", line 71, in send
    response = self.next.send(request)
  File "/usr/local/lib/python3.9/site-packages/azure/storage/blob/_shared/policies.py", line 546, in send
    raise err
  File "/usr/local/lib/python3.9/site-packages/azure/storage/blob/_shared/policies.py", line 520, in send
    response = self.next.send(request)
  File "/usr/local/lib/python3.9/site-packages/azure/core/pipeline/_base.py", line 71, in send
    response = self.next.send(request)
  File "/usr/local/lib/python3.9/site-packages/azure/core/pipeline/_base.py", line 71, in send
    response = self.next.send(request)
  File "/usr/local/lib/python3.9/site-packages/azure/core/pipeline/_base.py", line 69, in send
    _await_result(self._policy.on_request, request)
  File "/usr/local/lib/python3.9/site-packages/azure/core/pipeline/_tools.py", line 34, in await_result
    result = func(*args, **kwargs)
  File "/usr/local/lib/python3.9/site-packages/azure/storage/blob/_shared/authentication.py", line 152, in on_request
    self._add_authorization_header(request, string_to_sign)
  File "/usr/local/lib/python3.9/site-packages/azure/storage/blob/_shared/authentication.py", line 135, in _add_authorization_header
    raise _wrap_exception(ex, AzureSigningError)
azure.storage.blob._shared.authentication.AzureSigningError: Incorrect padding
time="2023-07-24T08:59:03.472Z" level=info msg="sub-process exited" argo=true error="<nil>"
Error: exit status 1

Here is my argo_workflow configuration:

apiVersion: argoproj.io/v1alpha1
kind: Workflow                  
metadata:
  name: argo-aad
spec:
  entrypoint: aad-groups          
  templates:
    - name: aad-groups             
      container:
        image: ***.azurecr.io/image:latest
        env:
         - name: sql_db_key
           valueFrom:
             secretKeyRef:
               name: sqldbkey
               key: key
         - name: storage_key
           valueFrom:
             secretKeyRef:
               name: storagekey
               key: key
         - name: client_secret
           valueFrom:
             secretKeyRef:
               name: clientsecret
               key: key
         - name: client_id
           valueFrom:
             secretKeyRef:
               name: clientid
               key: key
         - name: directory_tenant_id
           valueFrom:
             secretKeyRef:
               name: directorytenantid
               key: key
        command: ["python", "-c"]
        args: ["import ***.aad as gaad; gaad.aad_groups('sql_db_key', 'storage_key', 'client_secret', 'client_id', 'directory_tenant_id')"]

I have created secrets for all the parameters and passed the values using the following command.

kubectl create secret generic storagekey --from-literal=key=****************************************==

Any suggestions, please?

python azure azure-blob-storage azure-aks argo-workflows
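2 Answers
0
votes

binascii.Error: Incorrect padding

"Incorrect padding" usually refers to data corruption or a decryption problem that occurs while decoding a Base64-encoded string. This happens when the credentials you use for authentication (such as the account key or SAS token) are incorrect or corrupted.

  • You are passing the keys directly as strings rather than referencing the values of the secrets. You should reference the secret values instead.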
args: ["import ***.aad as gaad; gaad.aad_groups(
    '{{inputs.parameters.sql_db_key}}', 
    '{{inputs.parameters.storage_key}}', 
    '{{inputs.parameters.client_secret}}', 
    '{{inputs.parameters.client_id}}', 
    '{{inputs.parameters.directory_tenant_id}}'
)"]

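Also, you are passing the string 'sql_db_key' as the argument. Instead, you should pass the actual value of the secret, since the variable name is being used.

  • When creating the secret with kubectl create secret generic, check whether the value you pass for the key is Base64 encoded.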

echo -n "your-secret-value" | base64 

  • Replace the args field in the workflow template to pass the secret values directly to the Python script instead of passing the secret names.

args field:

args: ["import ***.aad as gaad; gaad.aad_groups('{}', '{}', '{}', '{}', '{}')".format(sql_db_key, storage_key, client_secret, client_id, directory_tenant_id)]
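
An added example, not part of the original question or answers: the traceback shows the SDK calling base64.b64decode on the account key, and the literal string 'storage_key' from the workflow's args fails that decode with the same "Incorrect padding" message. The sketch below reads the key from the storage_key environment variable defined in the workflow and validates it before use, without ever echoing the key; load_storage_key, sdk_decode_error, StorageKeyError and SAMPLE_KEY are hypothetical names, and the sample key is constructed.

```python
import base64
import binascii
import os

# Constructed 64-byte sample key (88 Base64 chars ending in "=="), not a real credential.
SAMPLE_KEY = base64.b64encode(bytes(range(64))).decode("ascii")


class StorageKeyError(ValueError):
    """Raised when the storage account key is missing or not valid Base64."""


def sdk_decode_error(value):
    """Decode the way the traceback shows (plain b64decode); return the error text or None."""
    try:
        base64.b64decode(value)
    except binascii.Error as exc:
        return str(exc)
    return None


def load_storage_key(env_name="storage_key", environ=None):
    """Return the account key held in env var `env_name`, validated as Base64.

    Error messages give the variable name and value length only, never the
    key itself, so they are safe to write to workflow logs.
    """
    environ = os.environ if environ is None else environ
    raw = environ.get(env_name)
    if raw is None:
        raise StorageKeyError(f"environment variable {env_name!r} is not set")
    key = raw.strip()  # drops a trailing newline, e.g. from `echo` without -n
    try:
        decoded = base64.b64decode(key, validate=True)  # strict: rejects '_' etc.
    except binascii.Error as exc:
        raise StorageKeyError(
            f"{env_name!r} is not valid Base64 ({exc}); length={len(key)}"
        ) from None
    if not decoded:
        raise StorageKeyError(f"{env_name!r} decodes to zero bytes")
    return key


if __name__ == "__main__":
    # The literal variable name, as passed in the workflow's args.
    print(sdk_decode_error("storage_key"))
    # The value injected through secretKeyRef, with a stray newline.
    print(load_storage_key(environ={"storage_key": SAMPLE_KEY + "\n"}) == SAMPLE_KEY)
```

Calling load_storage_key() at the start of the container's entry point makes the job fail with a named variable and a length instead of a signing error deep inside the SDK pipeline.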

0
votes

The access key or SAS key needs to be Base64 encoded. If you are passing it directly, use this kind of setup.

import base64

Accesskey = "R2Vla3NGb3JHZWVrcyBpcyB0aGUgYmVzdA=="
Accesskey_base64 = Accesskey.encode("ascii")

This worked for me.
