ralichkov opened a new issue, #56432: URL: https://github.com/apache/airflow/issues/56432
### Apache Airflow version main (development) ### If "Other Airflow 2 version" selected, which one? _No response_ ### What happened? Connecting to a local Kubernetes cluster using `KubernetesHook` without SSL verification does not work despite the appropriate `disable_verify_ssl` being set to `true`. ### What you think should happen instead? This reason this happens is because in `KubernetesHook`'s `get_conn()`, `_disable_verify_ssl` calls `Configuration.set_default()`, which only [mutates an internal copy of the Kubernetes Configuration class](https://github.com/kubernetes-client/python/blob/v33.1.0/kubernetes/client/configuration.py#L192-L201). We don't don't set these new defaults to the hook's `self.client_configuration`, which we should do by calling [get_default_copy()](https://github.com/kubernetes-client/python/blob/8f5578ee6845d33b3fb54867e2ea88349df6d07e/kubernetes/client/configuration.py#L203-L215) like `kube_client.py` does. The unit test for this functionality fetches a new set of defaults using `get_default_copy()` and that is why the unit test passes, even though in reality it doesn't work. ### How to reproduce Breeze setup: ```sh # files/airflow-breeze-config/environment_variables.env AIRFLOW_CONN_KUBERNETES_DEFAULT='{"conn_type": "kubernetes", "extra": {"kube_config_path": "/files/dummy_kube_config.yml", "namespace": "default", "disable_verify_ssl": true}}' ``` Where `/files/dummy_kube_config.yml` is: <summary> ```yaml # /files/dummy_kube_config.yml apiVersion: v1 kind: Config clusters: - name: dummy cluster: server: http://127.0.0.1:8080 contexts: - name: dummy context: cluster: dummy user: dummy current-context: dummy users: - name: dummy user: {} ``` </summary> in a `breeze shell` python interpreter: ```python from airflow.providers.cncf.kubernetes.hooks.kubernetes import KubernetesHook hook = KubernetesHook() client = hook.get_conn() print(client.configuration.verify_ssl) # True ``` ### Operating System MacOS ### Versions of Apache Airflow Providers _No response_ ### Deployment Docker-Compose ### Deployment details _No response_ ### Anything else? _No response_ ### Are you willing to submit PR? - [x] Yes I am willing to submit a PR! ### Code of Conduct - [x] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
