mik-laj commented on a change in pull request #19164:
URL: https://github.com/apache/airflow/pull/19164#discussion_r736481265
##########
File path: airflow/providers/google/cloud/utils/credentials_provider.py
##########
@@ -283,6 +289,31 @@ def _get_credentials_using_key_path(self):
project_id = credentials.project_id
return credentials, project_id
+ def _get_credentials_using_key_secret_name(self):
+ self._log_debug('Getting connection using JSON key data from GCP
secret: %s', self.key_secret_name)
+
+ # Use ADC to access GCP Secret Manager.
+ adc_credentials, adc_project_id =
google.auth.default(scopes=self.scopes)
+ secret_manager_client =
_SecretManagerClient(credentials=adc_credentials)
Review comment:
Should this user not write their own [custom secret
backend](http://airflow.apache.org/docs/apache-airflow/stable/security/secrets/secrets-backend/index.html#roll-your-own-secrets-backend)
if they have very specific requirements? Simply put, I'm not sure we need
another secret management method. For now, we are supporting the backend secret
and why is that not enough?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
