uplsh580 commented on issue #60668: URL: https://github.com/apache/airflow/issues/60668#issuecomment-3765323980
I believe the logic that automatically converts environment variables from individual components—such as `apiServer`, `dagProcessor`, and `scheduler`—into `AIRFLOW__KUBERNETES_ENVIRONMENT_VARIABLES__` should be removed. As demonstrated in this issue, this automatic behavior leads to several critical downsides: * **Security Risks**: It can unintentionally expose sensitive information (e.g., credentials, internal tokens) to worker pods that don't actually require them. * **Unintended Side Effects**: It forces environment variables into worker pods that aren't necessary, leading to an unnecessarily cluttered environment and potential configuration conflicts. Furthermore, the `custom_airflow_environment` helper function already handles the automatic addition of the prefix based on `values.env` and `values.secret`. This existing functionality seems sufficient and provides a much more consistent way to manage global configurations. I propose refactoring this logic to stop the automatic addition for component-level `env` settings. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
