GCP Secret Manager Error Handling for Missings Credentials #17264
Conversation
boring-cyborg
bot
added
area:providers
area:secrets
provider:google
| 'Unable to load credentials for GCP Secret Manager. ' | ||
| 'Make sure that the keyfile path, dictionary, or GOOGLE_APPLICATION_CREDENTIALS ' | ||
| 'environment variable is correct and properly configured.' |
There was a problem hiding this comment.
I wonder if it’d be a good idea to list the paths and check if GOOGLE_APPLICATION_CREDENTIALS is set (probably not a good idea to show its value). That’d make debugging much easier.
There was a problem hiding this comment.
The log.exception will probably show that error as that is raised from/by get_credentials_and_project_id I think
airflow/airflow/providers/google/cloud/utils/credentials_provider.py
Lines 287 to 288 in 866a601
airflow/airflow/providers/google/cloud/utils/credentials_provider.py
Lines 276 to 278 in 866a601
There was a problem hiding this comment.
Yes, but I was thinking it’d use useful to know what the value of self.key_path is in the above context, so I don’t need to hunt the value in my configs. But maybe google-auth already includes that in the exception, no idea.
github-actions
bot
added
the
okay to merge
|
The PR is likely OK to be merged with just subset of tests for default Python and Database versions without running the full matrix of tests, because it does not modify the core of Airflow. If the committers decide that the full tests matrix is needed, they will add the label 'full tests needed'. Then you should rebase to the latest main or amend the last commit of the PR, and push it with --force-with-lease. |
related: #16404
Split of the above referenced PR (secrets backend failover). See #16404 (comment)
This one just has the GCP Secret Manager error handling.