ana-carolina-januario opened a new issue, #40092:
URL: https://github.com/apache/airflow/issues/40092
### Apache Airflow version
Other Airflow 2 version (please specify below)
### If "Other Airflow 2 version" selected, which one?
2.6.0
### What happened?
We've tried to perform some bash commands where we need to use env_vars to
build the command.
The main environment variable, so called COMMAND, has a placeholder to be
replaced by some secret values, for instance:
(here having (), {}, or nothing surrounding the env_var, does not affect the
result.)
COMMAND="echo 'This is my secret $(SECRET_AS_ENV_VAR)'"
but when I run:
echo $COMMAND
The result does not replace the variable.
When I run:
echo $SECRET_AS_ENV_VAR
The value is printed correctly so, the variable is successfully loaded.
I've tried to
I've analyzed the pods and noticed the order env_vars are presented, might
be affecting this replacement.
I've notice that when the pod is being build, the secrets (as env vars) are
being loaded after the env vars. This could be reviewed in order to load
secrets prior to the load of env_vars.
Thanks,
Ana
### What you think should happen instead?
I believe the env var COMMAND should have the SECRET_AS_ENV_VAR replaced
properly when starting the pod.
After looking at the code, I've noticed this function should load secrets at
the same time (or even before) loading env vars.:
https://airflow.apache.org/docs/apache-airflow-providers-cncf-kubernetes/7.3.0/_modules/airflow/providers/cncf/kubernetes/operators/pod.html#KubernetesPodOperator.build_pod_request_obj
### How to reproduce
Using your KubernetesPodOperator example,
https://airflow.apache.org/docs/apache-airflow-providers-cncf-kubernetes/1.2.0/_modules/airflow/providers/cncf/kubernetes/example_dags/example_kubernetes.html
add a variable with a value that uses the secret deployed as env:
init_environments = [k8s.V1EnvVar(name='key1', value='This string should
show the value of SQL_CONN = $(SQL_CONN)'), k8s.V1EnvVar(name='key2',
value='value2')]
For the args parameter:
args=['echo $key1']
With this echo, the value won't be replaced in the value of key1.
But if you run 'echo $SQL_CONN' the value will be correctly printed.
### Operating System
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)" NAME="Debian GNU/Linux"
VERSION_ID="11" VERSION="11 (bullseye)" VERSION_CODENAME=bullseye ID=debian
### Versions of Apache Airflow Providers
Version of the apache-airflow-providers-cncf-kubernetes is 6.1.0
### Deployment
Official Apache Airflow Helm Chart
### Deployment details
_No response_
### Anything else?
_No response_
### Are you willing to submit PR?
- [ ] Yes I am willing to submit a PR!
### Code of Conduct
- [X] I agree to follow this project's [Code of
Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@airflow.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
