dstandish commented on issue #6104: [AIRFLOW-4574] allow providing private_key in SSHHook URL: https://github.com/apache/airflow/pull/6104#issuecomment-532965215 Sounds like you don't like the `private_key` hook init param. I don't care about this I was just adding it to be consistent with with existing hook, in which pretty much every attribute was overridable in init. There was already `password`, so an invitation to be a knucklehead already exists ;). If you want to remove this init param I have absolutely no objection. But concerning allowing private key to be provided directly in airflow connection, as opposed to only key file `path`, I assume you do not mean to object to that. There is absolutely no difference between providing a private key here and `keyfile_dict` in GCP, or `password` in _any_ other conn uri. The connection framework is fundamental to airflow and if we object to that, then we object to all hooks. Moreover I think the case is strong that to require distributing keys across all nodes -- in other words adding special extra processing relative to other connection types -- rather _increases_ likelihood of security lapses relative to just being able to lean on the connection framework alone. Perhaps it makes sense to make a new PR with your proposed change and we can discuss there?
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
