Skip to content

Allow AWS Secrets Backends use AWS Connection capabilities #25628

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
potiuk merged 4 commits into from
Aug 16, 2022
Merged

Allow AWS Secrets Backends use AWS Connection capabilities #25628

potiuk merged 4 commits into from
Aug 16, 2022

Conversation

@Taragolis
Copy link
Contributor

@Taragolis Taragolis commented Aug 9, 2022
edited
Loading

In additional added new Extra Connection parameters

  • profile_name - this only one parameter which could be assigned to session_kwargs without any side effects in current provider, so I thought there is no reason use session_kwargs.
  • verify - this parameter could specified at that moment only in hook (right now), but not in connection.

Update documentation and split Extra Connection Config by sections.

closes: #25326 (updated, initially mention wrong issue)

@Taragolis Taragolis requested a review from mik-laj as a code owner August 9, 2022 23:26
@Taragolis Taragolis force-pushed the amazon-secrets-backends-connection branch 2 times, most recently from 626797f to 461f5ab Compare August 10, 2022 11:35
o-nikolas
o-nikolas reviewed Aug 10, 2022
View reviewed changes
Copy link
Contributor

@o-nikolas o-nikolas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These code modules are a little obtuse (not your fault) so it's difficult to review with high confidence, but I've had a look and left some comments

@o-nikolas o-nikolas mentioned this pull request Aug 11, 2022
Closed
2 tasks
@Taragolis Taragolis force-pushed the amazon-secrets-backends-connection branch from 461f5ab to 3d42954 Compare August 16, 2022 10:18
@Taragolis Taragolis force-pushed the amazon-secrets-backends-connection branch from 83d3ca2 to b5060c0 Compare August 16, 2022 17:10
@Taragolis
Copy link
Contributor Author

Taragolis commented Aug 16, 2022

These code modules are a little obtuse (not your fault) so it's difficult to review with high confidence, but I've had a look and left some comments

I hope in near future we could also drop all deprecated configs, which makes it easier to maintain and expand.

BTW, finally fix/change suggestion and pass tests
cc: @o-nikolas @vincbeck @ferruzzi

vincbeck
vincbeck approved these changes Aug 16, 2022
View reviewed changes
Copy link
Contributor

@vincbeck vincbeck left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@potiuk potiuk merged commit b9b8841 into apache:main Aug 16, 2022
@potiuk potiuk mentioned this pull request Aug 17, 2022
Merged
potiuk added a commit to potiuk/airflow that referenced this pull request Aug 17, 2022
@potiuk
The secrets tests are moved to "always" section of tests
3d23269 
The secrets tests are interacting with providers so changes
in providers secrets implementation might break those tests.

Moving them to "always" folder prevents them from accepting
a PR that breaks other PRs.

Related: apache#25751 apache#25628
@Taragolis Taragolis deleted the amazon-secrets-backends-connection branch August 17, 2022 13:00
potiuk added a commit that referenced this pull request Aug 17, 2022
@potiuk
The secrets tests are moved to "always" section of tests (#25760)
fe0f903 
The secrets tests are interacting with providers so changes
in providers secrets implementation might break those tests.

Moving them to "always" folder prevents them from accepting
a PR that breaks other PRs.

Related: #25751 #25628
@Taragolis Taragolis mentioned this pull request Aug 28, 2022
Merged
@ashb ashb mentioned this pull request Sep 5, 2022
Closed
25 tasks
@ephraimbuddy ephraimbuddy added the changelog:skip Changes that should be skipped from the changelog (CI, tests, etc..) label Sep 13, 2022
@Taragolis Taragolis mentioned this pull request Sep 18, 2022
Merged
This was referenced Sep 29, 2022
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@o-nikolas o-nikolas o-nikolas left review comments

@potiuk potiuk potiuk approved these changes

@vincbeck vincbeck vincbeck approved these changes

@mik-laj mik-laj Awaiting requested review from mik-laj

Assignees

No one assigned

Labels

area:providers area:secrets changelog:skip Changes that should be skipped from the changelog (CI, tests, etc..) kind:documentation provider:amazon AWS/Amazon - related issues

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

The AWS Secrets Backends (SM and SSM) do not allow configuration of Assume Role Methods via Backend Kwargs

5 participants

@Taragolis @potiuk @o-nikolas @vincbeck @ephraimbuddy