JavierLopezT commented on pull request #9008:
URL: https://github.com/apache/airflow/pull/9008#issuecomment-669857264
> The way this is implemented is far to specialized, and hacky.
>
> They way I would expect this to work:
>
> * We first try to get the named secret -- if that finds a valid secret
then we use the existing conn_uri approach; otherwise
> * We list secrets under the named path (i.e.
`List("/airflow/connections/my_conn_id")` and then we fetch each of those
secrets, feeding them in to a `Connection()` call in some manner.
>
> This way we an support arbitrary extra parameters, i.e. the all the extra
params for a Connection too, and we don't ever need to use `ast`.
>
> Probably something like: if the name is not one of conn_type, host, login,
password, schema, or port, extra then it gets fed in to the extra dict. (That
way you can specify extra fields individually in Secrets Manager without having
to manage a JSON value.)
Thanks for your answer ash. Sorry, I am not sure I am following you. I am a
bit lost with your proposition of functionality. Could you be more specific
using this example of how I use AWS Secrets Manager in my company, please?
In the picture, there are three secrets, and within each of them, there are
secret keys (pass, user, api_key.. whatever) with its corresponding secret
values.
I do understand what you say about removing the ast, and I think it's a very
good idea, thank you for your suggestion.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
