barrywhart commented on code in PR #25829:
URL: https://github.com/apache/airflow/pull/25829#discussion_r954028943
##########
airflow/providers/cncf/kubernetes/operators/kubernetes_pod.py:
##########
@@ -409,6 +425,12 @@ def extract_xcom(self, pod: k8s.V1Pod):
self.log.info("xcom result: \n%s", result)
return json.loads(result)
+ def pre_execute(self, context):
+ if isinstance(self.env_vars, str):
+ self.env_vars =
convert_env_vars(ast.literal_eval(self.env_vars.strip()))
Review Comment:
We use this for data science model training and prediction. Re: XcomArg --
the environment variables are not coming from an upstream task. They're
arbitrary runtime settings the data scientist wants to pass to the job. (Unless
I'm misunderstanding how XcomArg works.)
The number of variables is not known at DAG definition time, only at DAG
submission time. See the automated test on the PR for a fairly realistic
example using `dag_run.conf`.
Re: the security concern, is it possible you are thinking of `eval`? My
understanding is that `literal_eval` is safe. There are many uses of it
elsewhere in Airflow. More info here:
https://stackoverflow.com/questions/4710247/python-3-are-there-any-known-security-holes-in-ast-literal-evalnode-or-string
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
