The GitHub Actions job "Tests" on airflow.git/fix/eks-pod-operator-credential-refresh-issue-57585 has failed. Run started by GitHub user aviralgarg05 (triggered by vincbeck).
Head commit for run: 220f77bc8e26b56f532c235ea314b6e09e0ec03d / aviralgarg05 <[email protected]> Fix EksPodOperator credential refresh for long-running tasks When EKS pods run longer than STS token lifetime (~15 minutes for assumed roles), the Kubernetes API returns 401 errors. The existing _refresh_cached_properties() method only resets the hook/client/pod_manager but doesn't refresh the AWS credentials file that the kubeconfig exec credential plugin reads from. This commit adds proper credential refresh by: 1. Storing the credentials file path during execute() and trigger_reentry() so it can be updated during reconnection attempts 2. Overriding _refresh_cached_properties() in EksPodOperator to: - Get fresh credentials from AWS via EksHook session - Write the new credentials to the existing credentials file - Call the parent implementation to reset Kubernetes clients 3. Adding _write_credentials_to_file() helper method to update the credentials file that the exec credential plugin sources This ensures that when a 401 error triggers _refresh_cached_properties(), the kubeconfig will use fresh credentials for subsequent authentication attempts. Fixes #57585 Report URL: https://github.com/apache/airflow/actions/runs/19887655941 With regards, GitHub Actions via GitBox --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
