add missing read for K8S config file from conn in deferred KubernetesPodOperator
#29498
Conversation
boring-cyborg
bot
added
provider:cncf-kubernetes
hussein-awala
changed the title
KubernetesPodOperator KubernetesPodOperator
| @@ -565,7 +565,16 @@ def execute_async(self, context: Context): | |||
|
|
|||
| def convert_config_file_to_dict(self): | |||
| """Converts passed config_file to dict format.""" | |||
| config_file = self.config_file if self.config_file else os.environ.get(KUBE_CONFIG_ENV_VAR) | |||
| config_file = None | |||
There was a problem hiding this comment.
thanks @hussein-awala for proposing this fix.
why the async need the function convert_config_file_to_dictand not the sync ?
Look like the async was implemented not fully following this pattern -> #20578
your PR fix the problems for the extra config_path , there is a risk that another is missing or new in the future would need "manual" fix like this
There was a problem hiding this comment.
I am not sure about the initial reason to convert the file into dictionary before creating the trigger, it may be to avoid copying the config file to the triggerer, where the pod is created on the worker using the sync hook and the waiting task is running on the triggerer and it uses the async hook.
here is a risk that another is missing or new in the future would need "manual" fix like this
With this fix, we cover all options currently available to provide the configuration file, and yes, if we add a new one in the future, we must add it on the sync hook and in this method.
@VladaZakharova can you please explain what was the motivation to convert the config file to a dictionary before creating the trigger?
There was a problem hiding this comment.
Hi Team!
This was implemented to that config file was converted to dict to be passed to trigger and then hook to establish connection.
There was a problem hiding this comment.
what do you mean by lighten the credential management ?
the hook is not re instantiate at every run of the trigger ?
There was a problem hiding this comment.
We needed a way to pass config file to the trigger to create a client for kubernetes, but using file system to communicate with trigger was not a good solution. So then we added a possibility to pass all config file parameters as a dict.
There was a problem hiding this comment.
To respect the pattern mentioned by @raphaelauv, I will try loading the config file in the async hook, this should work where the triggerer is initiated once.
There was a problem hiding this comment.
Please mind that all FS operations are blocking side effects. It's violating asyncio contract and can cause additional error logs informing about blocking code.
|
@hussein-awala I guess you will be still changing the config access pattern on that one ? Do I understand correctly? |
Yes, I'm testing loading the config file in the triggerer instead of loading it in the worker and pass it as a dict. I convert the PR to draft until I finish testing |
|
Hi! |
…rker and pass it as a dict
@VladaZakharova - Yes, I pass the file path and let the triggerer loads it. Can you check my last commit? BTW, I am not sure if loading the config file from the env var |
|
Loading the config file from the env KUBECONFIG is deprecated in latest provider version |
|
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed in 5 days if no further activity occurs. Thank you for your contributions. |
github-actions
bot
added
the
stale
|
@hussein-awala the PR have conflicts , could you rebase on main , thank you 👍 |
github-actions
bot
removed
the
stale
hussein-awala
force-pushed
the
fix/deferrable_k8s_pod_op
branch
4 times, most recently
from
839b3c1 to
59d76b8
Compare
hussein-awala
force-pushed
the
fix/deferrable_k8s_pod_op
branch
from
59d76b8 to
24885c6
Compare
| def convert_config_file_to_dict(self): | ||
| """Converts passed config_file to dict format.""" | ||
| config_file = self.config_file if self.config_file else os.environ.get(KUBE_CONFIG_ENV_VAR) | ||
| if config_file: | ||
| with open(config_file) as f: | ||
| self._config_dict = yaml.safe_load(f) | ||
| else: | ||
| self._config_dict = None |
There was a problem hiding this comment.
is removing this function considered a breaking change?
There was a problem hiding this comment.
In my opinion, this method is used as a private method since it only updates some attributes in the class instances without returning any value. However, it's possible that someone could extend the operator class and use it. Should we deprecate it and remove it in the next major release, or should we add a breaking change note?
There was a problem hiding this comment.
So lets deprecate first. Just to be on the safe side.
hussein-awala
force-pushed
the
fix/deferrable_k8s_pod_op
branch
from
bdef821 to
1a87f6e
Compare
hussein-awala
force-pushed
the
fix/deferrable_k8s_pod_op
branch
from
1a87f6e to
5bc37f2
Compare
|
LGTM. @eladkal ? |
closes: #29488
The async execute method of
KubernetesPodOperatordoesn't check if theconfig_pathis provided in the connection extra, this PR fixes this by extracting the config path in order to read it and convert it to dictionary.