Update guide for Google Cloud Secret Manager Backend #10172
Conversation
| @@ -64,9 +64,9 @@ class CloudSecretManagerBackend(BaseSecretsBackend, LoggingMixin): | |||
| :type gcp_keyfile_dict: dict | |||
| :param gcp_scopes: Comma-separated string containing GCP scopes | |||
| :type gcp_scopes: str | |||
| :param project_id: Project id (if you want to override the project_id from credentials) | |||
| :param project_id: Project ID. If not passed, the project ID from credentials will be used. | |||
There was a problem hiding this comment.
Maybe add something what is the values used for like
"Project Id to read the secrets from. If not provided, thethe project ID from credentials id used"
| To enable GCP Secrets Manager to retrieve connection/variables, specify :py:class:`~airflow.providers.google.cloud.secrets.secret_manager.CloudSecretManagerBackend` | ||
| as the ``backend`` in ``[secrets]`` section of ``airflow.cfg``. | ||
| This topic describes how to configure Airflow to use `Secret Manager <https://cloud.google.com/secret-manager/docs>`__ as | ||
| a secret bakcned and how to manage secrets. |
|
|
||
| Here is a sample configuration if you want to just retrieve connections: | ||
| To enable the secret backend for Google Cloud Secrets Manager to retrieve connection/variables, | ||
| specify :py:class:`~airflow.providers.google.cloud.secrets.secret_manager.CloudSecretManagerBackend` |
There was a problem hiding this comment.
This requires installing backport-operators. Maybe it's worth to mention that?
There was a problem hiding this comment.
Unfortunately, this is documentation for Airflow 2.0 where these packages don't work. We don't have documentation for Airflow 1.10 with backport packages.
There was a problem hiding this comment.
Backport Packages have their own documentation - - and I already have a mechanism to incorpoare some extra information in it - I will extract some of the useful GCP guides ther with the next wave of backport packages.
The documentation is here: https://github.com/apache/airflow/tree/master/airflow/providers/google
And when released it can be found in PyPI https://pypi.org/project/apache-airflow-backport-providers-google/2020.6.24/
|
|
||
| You can configure the credentiaps in three ways: |
| @@ -433,8 +460,43 @@ When ``gcp_key_path`` is not provided, it will use the Application Default Crede | |||
| * `google.auth.default <https://google-auth.readthedocs.io/en/latest/reference/google.auth.html#google.auth.default>`__ | |||
| * `Setting Up Authentication for Server to Server Production Applications <https://cloud.google.com/docs/authentication/production>`__ | |||
|
|
|||
| The value of the Secrets Manager secret id must be the :ref:`connection URI representation <generating_connection_uri>` | |||
| of the connection object. | |||
| Managing a secrets | |||
…ud Secret Manager Backend
|
@potiuk I took into account all the comments. |
|
|
||
| Here is a sample configuration if you want to just retrieve connections: | ||
| To enable the secret backend for Google Cloud Secrets Manager to retrieve connection/variables, | ||
| specify :py:class:`~airflow.providers.google.cloud.secrets.secret_manager.CloudSecretManagerBackend` |
There was a problem hiding this comment.
Backport Packages have their own documentation - - and I already have a mechanism to incorpoare some extra information in it - I will extract some of the useful GCP guides ther with the next wave of backport packages.
The documentation is here: https://github.com/apache/airflow/tree/master/airflow/providers/google
And when released it can be found in PyPI https://pypi.org/project/apache-airflow-backport-providers-google/2020.6.24/
Based on the feedback from users, I decided to write a few more sections.
^ Add meaningful description above
Read the Pull Request Guidelines for more information.
In case of fundamental code change, Airflow Improvement Proposal (AIP) is needed.
In case of a new dependency, check compliance with the ASF 3rd Party License Policy.
In case of backwards incompatible changes please leave a note in UPDATING.md.