uranusjr commented on a change in pull request #16404:
URL: https://github.com/apache/airflow/pull/16404#discussion_r660197362
##########
File path: airflow/configuration.py
##########
@@ -81,10 +81,18 @@ def run_command(command):
def _get_config_value_from_secret_backend(config_key):
"""Get Config option values from Secret Backend"""
- secrets_client = get_custom_secret_backend()
- if not secrets_client:
- return None
- return secrets_client.get_config(config_key)
+ try:
+ secrets_client = get_custom_secret_backend()
+ if not secrets_client:
+ return None
+ return secrets_client.get_config(config_key)
+ except Exception as e: # pylint: disable=broad-except
+ raise AirflowConfigException(
+ 'Cannot retrieve config from Alternative Secrets Backend. '
Review comment:
Why is Alternative Secrets Backend capitalised? [It is not in the
documentation](https://airflow.apache.org/docs/apache-airflow/stable/security/secrets/secrets-backend/index.html).
##########
File path: airflow/models/connection.py
##########
@@ -35,6 +36,8 @@
from airflow.utils.log.secrets_masker import mask_secret
from airflow.utils.module_loading import import_string
+log = logging.getLogger()
Review comment:
Use `getLogger(__file__)` to give the logger a name. Otherwise it
returns the root logger, making the log messages very difficult to manage.
##########
File path: airflow/models/connection.py
##########
@@ -35,6 +36,8 @@
from airflow.utils.log.secrets_masker import mask_secret
from airflow.utils.module_loading import import_string
+log = logging.getLogger()
Review comment:
Use `getLogger(__name__)` to give the logger a name. Otherwise it
returns the root logger, making the log messages very difficult to manage.
##########
File path: airflow/providers/google/cloud/secrets/secret_manager.py
##########
@@ -101,9 +106,17 @@ def __init__(
"`connections_prefix`, `variables_prefix` and `sep` should
"
f"follows that pattern {SECRET_ID_PATTERN}"
)
- self.credentials, self.project_id = get_credentials_and_project_id(
- keyfile_dict=gcp_keyfile_dict, key_path=gcp_key_path,
scopes=gcp_scopes
- )
+ try:
+ self.credentials, self.project_id = get_credentials_and_project_id(
+ keyfile_dict=gcp_keyfile_dict, key_path=gcp_key_path,
scopes=gcp_scopes
+ )
+ except (DefaultCredentialsError, FileNotFoundError):
Review comment:
Why is this catch block narrow while others are broard (except
Exception)? Can those catching `Exception` be narrowed down?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
