Bas Harenslak

Looks okay to me, although there's quite a lot of code duplication between the `_get_aad_token_for_default_az_credential` and `_a _get_aad_token_for_default_az_credential` methods. Any way to extract common code?

@jrderuiter In that case keeping the duplicated code is okay with me. Could you fix the static code checks?

Hi @basvandriel almost looks okay to me. There's one tiny static check nit that thinks that "aks" is a typo: https://github.com/apache/airflow/actions/runs/10882398151/job/30464268761?pr=41639#step:8:80. Could you add "aks" to `docs/spelling_wordlist.txt`? The other CICD...

@basvandriel @jrderuiter There's something fishy going on with the async test, see error in https://github.com/apache/airflow/actions/runs/11039010730/job/30937844742?pr=41639. This fails: ```python @pytest.mark.asyncio @mock.patch.dict( os.environ, { "AZURE_CLIENT_ID": "fake-client-id", "AZURE_TENANT_ID": "fake-tenant-id", "AZURE_FEDERATED_TOKEN_FILE": "/badpath", "KUBERNETES_SERVICE_HOST": "fakeip",...

All green now, it took a while but thanks for hanging on @basvandriel @jrderuiter!

For reference: https://github.com/apache/airflow/issues/55015

Tested this exact scenario on a live Vault, looking good: Will check the unit test next

@FoxHelms Can we replicate this check for fetching connections (which requires key "conn_uri") and config too?