Lack of permissions for secrets causes report to have no results

[dintorf]

Error returned:

HTTP response body: {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"secrets is forbidden: User \"XXXXXXX\" cannot list resource \"secrets\" in API group \"\" at the cluster scope","reason":"Forbidden","details":{"kind":"secrets"},"code":403}

Requested behavior: Return all other results without helm info and don't require access to read secrets

It looks like helm info is called for all namespaces before calling for individual getters and the exception is skipped. I think the same behavior should occur for individual k8s getters.

I think the issue occurs here: https://github.com/astronomer/telescope/blob/0ad17c79cde5c6268a70d099afd4513901a55b8b/telescope/getter_util.py#L114-L139

there is a try/except around getting the airflow info and helm info and the airflow info results are getting overwritten if the helm info fails. I think separating the try/except would fix this

    try:
        result = getter.get(AIRFLOW_REPORT_CMD)
        if dag_obfuscation:
            for dag in result.get("dags_report", []):
                dag["dag_id"] = dag_obfuscation_fn(dag["dag_id"])
                dag["fileloc"] = dag_obfuscation_fn(dag["fileloc"])

        if type(result) == str:
            log.error(f"\n{full_key} raised an error - \n{result}\n")

        results[full_key] = result
    except Exception as e:
        log.exception(e)
        results[full_key] = str(e)

    try:
        if type(getter) == KubernetesGetter:
            results[helm_full_key] = get_helm_info(namespace=getter_key.split("|")[0])
    except Exception as e:
        log.exception(e)
        results[helm_full_key] = str(e)

[fritz-astronomer]

Excellent! Thanks for the fix!