January 1, 0001   
cat vault/config/server1/tls/certs/server.pem >> ca-certificates.crt
cat vault/config/server2/tls/certs/server.pem >> ca-certificates.crt

O Python requests lê os certificados de:

$ python -c "import requests; print(requests.certs.where())"
/home/airflow/.local/lib/python3.8/site-packages/certifi/cacert.pem

Por isso a variável REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt.

Verificar se o Airflow consegue ler o segredo:

$ alias airflow='docker exec -it airflow_worker airflow "$@"'
$ airflow connections get smtp_default
id   | conn_id      | conn_type | description | host              | schema | login | password | port | is_encrypted | is_extra_encrypted | extra_dejson | get_uri
=====+==============+===========+=============+===================+========+=======+==========+======+==============+====================+==============+========================================
None | smtp_default | smtps     | None        | relay.example.com |        | user  | host     | 465  | False        | False              | {}           | smtps://user:host@relay.example.com:465
comments powered by Disqus