You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by GitBox <gi...@apache.org> on 2020/03/22 08:27:03 UTC

[GitHub] [airflow] turbaszek commented on a change in pull request #7795: [AIRFLOW-7104] Add Secret backend for GCP Secrets Manager

turbaszek commented on a change in pull request #7795: [AIRFLOW-7104] Add Secret backend for GCP Secrets Manager
URL: https://github.com/apache/airflow/pull/7795#discussion_r396067023
 
 

 ##########
 File path: airflow/providers/google/cloud/hooks/base.py
 ##########
 @@ -168,54 +169,20 @@ def _get_credentials_and_project_id(self) -> Tuple[google.auth.credentials.Crede
             return self._cached_credentials, self._cached_project_id
 
         key_path = self._get_field('key_path', None)  # type: Optional[str]
-        keyfile_dict = self._get_field('keyfile_dict', None)  # type: Optional[str]
-        if key_path and keyfile_dict:
-            raise AirflowException(
-                "The `keyfile_dict` and `key_path` fields are mutually exclusive. "
-                "Please provide only one value."
-            )
-        if not key_path and not keyfile_dict:
-            self.log.info(
-                'Getting connection using `google.auth.default()` since no key file is defined for hook.'
-            )
-            credentials, project_id = google.auth.default(scopes=self.scopes)
-        elif key_path:
-            # Get credentials from a JSON file.
-            if key_path.endswith('.json'):
-                self.log.debug('Getting connection using JSON key file %s', key_path)
-                credentials = (
-                    google.oauth2.service_account.Credentials.from_service_account_file(
-                        key_path, scopes=self.scopes)
-                )
-                project_id = credentials.project_id
-            elif key_path.endswith('.p12'):
-                raise AirflowException(
-                    'Legacy P12 key file are not supported, use a JSON key file.'
-                )
-            else:
-                raise AirflowException('Unrecognised extension for key file.')
-        else:
-            # Get credentials from JSON data provided in the UI.
-            try:
-                if not keyfile_dict:
-                    raise ValueError("The keyfile_dict should be set")
-                keyfile_dict_json: Dict[str, str] = json.loads(keyfile_dict)
-
-                # Depending on how the JSON was formatted, it may contain
-                # escaped newlines. Convert those to actual newlines.
-                keyfile_dict_json['private_key'] = keyfile_dict_json['private_key'].replace(
-                    '\\n', '\n')
-
-                credentials = (
-                    google.oauth2.service_account.Credentials.from_service_account_info(
-                        keyfile_dict_json, scopes=self.scopes)
-                )
-                project_id = credentials.project_id
-            except json.decoder.JSONDecodeError:
-                raise AirflowException('Invalid key JSON.')
-
-        if self.delegate_to:
-            credentials = credentials.with_subject(self.delegate_to)
+        try:
+            keyfile_dict = self._get_field('keyfile_dict', None)  # type: Optional[str]
 
 Review comment:
   ```suggestion
               keyfile_dict: Optional[str] = self._get_field('keyfile_dict', None)
   ```

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services