electrical opened a new issue, #63253: URL: https://github.com/apache/airflow/issues/63253
### Description We use Github for our git repos. To provide access from airflow we use External Secrets Operator to manage this using GithubAccessToken that uses a github app to create the access token. This token only lives for 1 hour maximum. Because of this lifespan, The gitsync container needs to re-read the secret to have the new token. Unfortunately it seems that gitsync doesn't support re-reading the secret while it's running. This causes it to fail the sync, exit and restarts. Thankfully it will restart fine and syncs again. ### Use case/motivation Gitsync project have released a new feature https://github.com/kubernetes/git-sync/pull/976 that allows for reading a file that contains the password and re-read it at each sync loop Env vars are only set at startup time so won't detect a change, therefor the secret will have to be mounted inside the container which I think should allow for accepting token rotations? ### Related issues _No response_ ### Are you willing to submit a PR? - [ ] Yes I am willing to submit a PR! ### Code of Conduct - [x] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
