Taragolis commented on issue #27908:
URL: https://github.com/apache/airflow/issues/27908#issuecomment-1327377251
Unfortunetly I've unable to reproduce this.
Airflow do not required internet access for `upgrade db` in case if Secrets
Backends not uses.
AWS SSM client only use in one place if it specified as secrets backend.
```yaml
version: '3'
networks:
no-internet-access:
driver: bridge
internal: true
volumes:
postgres-db-volume:
services:
postgres:
image: postgres:13
environment:
POSTGRES_USER: airflow
POSTGRES_PASSWORD: insecurepassword
POSTGRES_DB: airflow
volumes:
- postgres-db-volume:/var/lib/postgresql/data
healthcheck:
test: ["CMD", "pg_isready", "-U", "airflow", "-d", "airflow"]
interval: 5s
retries: 5
restart: on-failure
networks:
- no-internet-access
airflow-upgrade:
image: ${AIRFLOW_IMAGE_NAME:-apache/airflow:2.4.3}
environment:
CONNECTION_CHECK_MAX_COUNT: "0"
AIRFLOW__CORE__EXECUTOR: LocalExecutor
AIRFLOW__DATABASE__SQL_ALCHEMY_CONN:
postgresql+psycopg2://airflow:insecurepassword@postgres/airflow
# AIRFLOW__SECRETS__BACKEND:
'airflow.providers.amazon.aws.secrets.systems_manager.SystemsManagerParameterStoreBackend'
# AIRFLOW__DATABASE__SQL_ALCHEMY_CONN_SECRET: boom
command: ["db", "upgrade"]
networks:
- no-internet-access
depends_on:
postgres:
condition: service_healthy
airflow-version:
image: ${AIRFLOW_IMAGE_NAME:-apache/airflow:2.4.3}
environment:
AIRFLOW__CORE__EXECUTOR: LocalExecutor
AIRFLOW__DATABASE__SQL_ALCHEMY_CONN:
postgresql+psycopg2://airflow:insecurepassword@postgres/airflow
command: version
networks:
- no-internet-access
depends_on:
airflow-upgrade:
condition: service_completed_successfully
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
