You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by GitBox <gi...@apache.org> on 2021/01/06 11:56:46 UTC

[GitHub] [airflow] mik-laj commented on a change in pull request #13501: Warn about precedence of env var when getting variables

mik-laj commented on a change in pull request #13501:
URL: https://github.com/apache/airflow/pull/13501#discussion_r552532697



##########
File path: airflow/models/variable.py
##########
@@ -143,6 +147,14 @@ def set(cls, key: str, value: Any, serialize_json: bool = False, session: Sessio
         :param serialize_json: Serialize the value to a JSON string
         :param session: SQL Alchemy Sessions
         """
+        env_var_name = "AIRFLOW_VAR_" + key.upper()

Review comment:
       This is a bit more complicated case as this will require sending an additional request to the secret backend. The new request can be problematic in some environments as access to data in the secret is precisely monitored and audited. So even queries to check if there is an item in the backend will mean that the security department may be concerned. Especially since we don't have an API that allows us to check the existence of a key without downloading a secret.
   
   In this change, I wanted to improve the experience of novice developers who are just starting to use Airflow and may not fully understand all the limitations. Such users suspect that they don't use the secret backend, so I don't think the lack of backend secret support is a big problem.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org