This is an automated email from the ASF dual-hosted git repository.
ash pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow.git
The following commit(s) were added to refs/heads/main by this push:
new 4d279e7718e Ensure that we generate a jwt_secret before launching api
servers processes (#47739)
4d279e7718e is described below
commit 4d279e7718e8bce418e135a6105bb45535b5e302
Author: Ash Berlin-Taylor <[email protected]>
AuthorDate: Thu Mar 13 16:40:27 2025 +0000
Ensure that we generate a jwt_secret before launching api servers processes
(#47739)
Otherwise each individual process will generate its own which results in _n_
different secret keys in use, and leads to random 403 errors.
---
airflow/cli/commands/local_commands/api_server_command.py | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/airflow/cli/commands/local_commands/api_server_command.py
b/airflow/cli/commands/local_commands/api_server_command.py
index 4f3fb5ab07e..6fa2d4330a2 100644
--- a/airflow/cli/commands/local_commands/api_server_command.py
+++ b/airflow/cli/commands/local_commands/api_server_command.py
@@ -52,6 +52,11 @@ def api_server(args):
worker_timeout = args.worker_timeout
proxy_headers = args.proxy_headers
+ # Ensure we set this now, so that each subprocess gets the same value
+ from airflow.utils.jwt_signer import get_signing_key
+
+ get_signing_key("api", "auth_jwt_secret")
+
if args.dev:
print(f"Starting the API server on port {args.port} and host
{args.host} in development mode.")
log.warning("Running in dev mode, ignoring uvicorn args")
