potiuk commented on pull request #14531: URL: https://github.com/apache/airflow/pull/14531#issuecomment-803316512
> An additional option: check the login still exists in the clean script (this is set as a ExecPost run in the action.runner.service file from the userdata Yeah. running aws from runner does not work - we have no permissions to read the password from secret manager there (and it's good). I think using ExecPre is even better than ExecPost actually. It already runs priviledged (with !) and in case it failes (I added -e), it will prevent the runner from running . So we will be absolutely sure that when the runner runs, it actually has the credentials. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
