potiuk commented on issue #14592: URL: https://github.com/apache/airflow/issues/14592#issuecomment-853743827
> If we treat the secrets backend as meta-DB like quintessential, then the worker and scheduler should reflect the same startup behavior. Why would the bar be higher for the webserver? Yep. They should fail. I was quite sure they are failing as well in this case. I think it should be fixed if they don't. I think it is > In theory this is more of a safety trouble on the scheduler and worker as the DAGs and tasks are failing not being able to use the connection. Agree. They should fail if they are not currently. > The webserver at the least presents a window of visibility into what is failing and why, by making it visible to the user through task failures and logs. We should then be consistent on the stance on all 3, right? > Not if the configuration renders the whole airflow potentially unusable we can see failures of single tasks. But otherwise it is working. For me, misconfiguration of secrets backend (because of it's scope - it potentially impacts all configuration INCLUDING the metadata db configuration itself!!!!) Is straight equivalent of what happens if you misconfigure the metadata URL - which makes webserver crash > The problem is the webserver is intended to be stateless, but it hosts the CLI commands which makes it stateful in this ecosystem. Until we get to the future of either fully stateless webserver with decoupled REST API and CLI (AIP-38?), I believe that a failsafe configuration for the webserver would be extremely useful. Agree that webserver should be stateless, but I think it does not matter if it is stateless or not . The UI/webserver accesses /can change the metadata DB. So what is more important is whether they are rad-only or not and whether the secret backend presence or not has an impact on actions triggered and changes done by the UI. So more of a question is (and something that should be answered) * Is there any case where any actions triggered by webserver behave differently wit/without presence of the secret backend? Does any of the variables/connections/configurations impact any of the actions of the user? * Does the user see we see the status of secret backend and understand the consequences of that ? * Should the user be able to do any of the edit actions and modify the database if the secret backend is not available ? * What happens if you have Metadata db configurred in secret backend ? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
