mik-laj commented on a change in pull request #10594: URL: https://github.com/apache/airflow/pull/10594#discussion_r482785240
########## File path: airflow/api_connexion/endpoints/health_endpoint.py ########## @@ -14,13 +14,15 @@ # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. +from airflow.api_connexion import security from airflow.api_connexion.schemas.health_schema import health_schema from airflow.jobs.scheduler_job import SchedulerJob HEALTHY = "healthy" UNHEALTHY = "unhealthy" [email protected]_access([("can_read", "Health")]) Review comment: This endpoint does not need authorization as it will be used to verify that the instance is working properly even if no account has been created yet. The Kubernetes API also don't have authorization for health endpoint. ``` $ ENDPOINT=$(gcloud container clusters describe airflow-cluster --zone us-central1 --format='value(endpoint)') $ curl --insecure https://$ENDPOINT/readyz?verbose [+]ping ok [+]log ok [+]etcd ok [+]poststarthook/generic-apiserver-start-informers ok [+]poststarthook/start-apiextensions-informers ok [+]poststarthook/start-apiextensions-controllers ok [+]poststarthook/crd-informer-synced ok [+]poststarthook/bootstrap-controller ok [+]poststarthook/rbac/bootstrap-roles ok [+]poststarthook/scheduling/bootstrap-system-priority-classes ok [+]SSH Tunnel Check ok [+]poststarthook/ca-registration ok [+]poststarthook/start-kube-apiserver-admission-initializer ok [+]poststarthook/start-kube-aggregator-informers ok [+]poststarthook/apiservice-registration-controller ok [+]poststarthook/apiservice-status-available-controller ok [+]poststarthook/kube-apiserver-autoregistration ok [+]autoregister-completion ok [+]poststarthook/apiservice-openapi-controller ok [+]shutdown ok healthz check passed ``` ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
