dstandish commented on a change in pull request #15013:
URL: https://github.com/apache/airflow/pull/15013#discussion_r605975880
##########
File path: airflow/providers/hashicorp/secrets/vault.py
##########
@@ -188,12 +204,28 @@ def get_conn_uri(self, conn_id: str) -> Optional[str]:
:rtype: str
:return: The connection uri retrieved from the secret
"""
- if self.connections_path is None:
+ response = self.get_response(conn_id)
+
+ return response.get("conn_uri") if response else None
+
+ def get_connection(self, conn_id: str) -> Optional['Connection']:
+ """
+ Get connection from Vault as secret. Prioritize conn_uri if exists,
+ if not fall back to normal Connection creation.
+
+ :type conn_id: str
+ :rtype: Connection
+ :return: A Connection object constructed from Vault data
+ """
+ response = self.get_response(conn_id)
+ if response is None:
return None
- else:
- secret_path = self.build_path(self.connections_path, conn_id)
- response = self.vault_client.get_secret(secret_path=secret_path)
- return response.get("conn_uri") if response else None
+
+ uri = response.get("conn_uri")
+ if uri:
+ return uri
+
+ _create_connection(conn_id, response)
Review comment:
i think what makes sense to do here is to promote this to a standard way
of parsing creds from json, so that all such implementations can use it, and so
that it is not associated with one particular backend (in this case local files)
i think the right place for this would probably be in connection.py but i
could see it going in the root secrets module / package also.
what do you think @mik-laj
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
