-
Notifications
You must be signed in to change notification settings - Fork 14.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ClusterPolicyViolation support to airflow local settings #10282
Conversation
…airflow-aas into develop
@jaketf Can you add some docs? |
I don't think we need a separate option in airflow_local_settings. I think we can use the cluster policy. The example configuration file, you can find in |
@kaxil Thanks for the review. I was just about to ask you for this as I am the author of some of the code for this change and an independent review would be helpful. |
Co-authored-by: Kaxil Naik <[email protected]>
Co-authored-by: Kaxil Naik <[email protected]>
Co-authored-by: Kaxil Naik <[email protected]>
Co-authored-by: Kaxil Naik <[email protected]>
👏 Nice work @jaketf |
Indeed :). |
This change will allow users to throw other exceptions (namely `AirflowClusterPolicyViolation`) than `DagCycleException` as part of Cluster Policies. This can be helpful for running checks on tasks / DAGs (e.g. asserting task has a non-airflow owner) and failing to run tasks aren't compliant with these checks. This is meant as a tool for airflow admins to prevent user mistakes (especially in shared Airflow infrastructure with newbies) than as a strong technical control for security/compliance posture. (cherry picked from commit 7f76b8b)
This change will allow users to throw other exceptions (namely `AirflowClusterPolicyViolation`) than `DagCycleException` as part of Cluster Policies. This can be helpful for running checks on tasks / DAGs (e.g. asserting task has a non-airflow owner) and failing to run tasks aren't compliant with these checks. This is meant as a tool for airflow admins to prevent user mistakes (especially in shared Airflow infrastructure with newbies) than as a strong technical control for security/compliance posture. (cherry picked from commit 7f76b8b)
This change will allow users to throw other exceptions (namely `AirflowClusterPolicyViolation`) than `DagCycleException` as part of Cluster Policies. This can be helpful for running checks on tasks / DAGs (e.g. asserting task has a non-airflow owner) and failing to run tasks aren't compliant with these checks. This is meant as a tool for airflow admins to prevent user mistakes (especially in shared Airflow infrastructure with newbies) than as a strong technical control for security/compliance posture. (cherry picked from commit 7f76b8b)
The custom ClusterPolicyViolation has been added in apache#10282 This one adds more comprehensive test to it.
The custom ClusterPolicyViolation has been added in #10282 This one adds more comprehensive test to it. Co-authored-by: Jacob Ferriero <[email protected]>
…10282) This change will allow users to throw other exceptions (namely `AirflowClusterPolicyViolation`) than `DagCycleException` as part of Cluster Policies. This can be helpful for running checks on tasks / DAGs (e.g. asserting task has a non-airflow owner) and failing to run tasks aren't compliant with these checks. This is meant as a tool for airflow admins to prevent user mistakes (especially in shared Airflow infrastructure with newbies) than as a strong technical control for security/compliance posture. (cherry picked from commit 7f76b8b)
This change will allow users to throw other exceptions (namely
AirflowClusterPolicyViolation
) thanDagCycleException
as part of Cluster Policies.This can be helpful for running checks on tasks / DAGs (e.g. asserting task has a non-airflow owner) and failing to run tasks aren't compliant with these checks.
This is meant as a tool for airflow admins to prevent user mistakes (especially in shared airlfow infrastructure with newbies) than as a strong technical control for security / compliance posture.
CC: @potiuk @mik-laj who are familiar with this change.