eladkal commented on a change in pull request #21685:
URL: https://github.com/apache/airflow/pull/21685#discussion_r810515314
##########
File path: airflow/config_templates/config.yml
##########
@@ -1085,6 +1085,10 @@
Secret key used to run your flask app. It should be as random as
possible. However, when running
more than 1 instances of webserver, make sure all of them use the same
``secret_key`` otherwise
one of them will error with "CSRF session token is missing".
+ The webserver key is also used to authorize requests to Celery workers
when loga are retrieved.
Review comment:
```suggestion
The webserver key is also used to authorize requests to Celery
workers when logs are retrieved.
```
##########
File path: docs/helm-chart/production-guide.rst
##########
@@ -111,6 +111,11 @@ Example to create a Kubernetes Secret from ``kubectl``:
kubectl create secret generic my-webserver-secret
--from-literal="webserver-secret-key=$(python3 -c 'import secrets;
print(secrets.token_hex(16))')"
+The webserver key is also used to authorize requests to Celery workers when
loga are retrieved. The token
Review comment:
```suggestion
The webserver key is also used to authorize requests to Celery workers when
logs are retrieved. The token
```
##########
File path: docs/apache-airflow/howto/set-config.rst
##########
@@ -121,3 +121,8 @@ the example below.
does not require all, some configurations need to be same otherwise they
would not
work as expected. A good example for that is
:ref:`secret_key<config:webserver__secret_key>` which
should be same on the Webserver and Worker to allow Webserver to fetch
logs from Worker.
+
+ The webserver key is also used to authorize requests to Celery workers
when loga are retrieved. The token
Review comment:
```suggestion
The webserver key is also used to authorize requests to Celery workers
when logs are retrieved. The token
```
##########
File path: docs/apache-airflow/upgrading-from-1-10/index.rst
##########
@@ -339,6 +339,11 @@ the only supported UI.
this via any configuration mechanism. The 1.10.15 bridge-release modifies
this feature
to use randomly generated secret keys instead of an insecure default and
may break existing
deployments that rely on the default.
+ The webserver key is also used to authorize requests to Celery workers
when loga are retrieved. The token
Review comment:
```suggestion
The webserver key is also used to authorize requests to Celery workers
when logs are retrieved. The token
```
##########
File path: airflow/config_templates/default_airflow.cfg
##########
@@ -559,6 +559,10 @@ reload_on_plugin_change = False
# Secret key used to run your flask app. It should be as random as possible.
However, when running
# more than 1 instances of webserver, make sure all of them use the same
``secret_key`` otherwise
# one of them will error with "CSRF session token is missing".
+# The webserver key is also used to authorize requests to Celery workers when
loga are retrieved.
Review comment:
```suggestion
# The webserver key is also used to authorize requests to Celery workers
when logs are retrieved.
```
##########
File path: docs/apache-airflow/configurations-ref.rst
##########
@@ -27,6 +27,11 @@ does not require all, some configurations need to be same
otherwise they would n
work as expected. A good example for that is
:ref:`secret_key<config:webserver__secret_key>` which
should be same on the Webserver and Worker to allow Webserver to fetch logs
from Worker.
+The webserver key is also used to authorize requests to Celery workers when
loga are retrieved. The token
Review comment:
```suggestion
The webserver key is also used to authorize requests to Celery workers when
logs are retrieved. The token
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@airflow.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
