GitHub user abhijeet-ghl created a discussion: Unable to configure and get 
alerts/report via email/slack

We are trying to configure the configurations to enable the alerts and reports 
and schedule reports to be sent via email and slack. We tried all sorts of 
options starting with using chrome as headless browser and then switching to 
dev image. We are still not getting any mails with the report (getting 
sample/error mails). 

The configuration yaml file -
```
# Full values file - 
https://github.com/apache/superset/blob/master/helm/superset/values.yaml
# Command to deploy - "helm upgrade staging-superset superset/superset -f 
superset.yaml --version 0.12.11"

configOverrides:
  all_feature_flags: |
    FEATURE_FLAGS = {
      "ENABLE_TEMPLATE_PROCESSING": True,
      "DASHBOARD_NATIVE_FILTERS": True,
      "DASHBOARD_CROSS_FILTERS": True,
      "DASHBOARD_NATIVE_FILTERS_SET": True,
      "ENABLE_PIVOT_TABLE_V2": True,
      "GENERIC_CHART_AXES": True,
      "ENABLE_TAGS": True,
      "TAGGING_SYSTEM": True,
      "FEATURE_TAGGING_SYSTEM": True,
      "ALERT_REPORTS": True,
      "ALERT_REPORTS_NOTIFICATION_DISTRIBUTION": True,
      "ALERT_REPORT_SLACK_V2": True,
      "VERSIONED_EXPORT": True,
    }

    import os
    SLACK_WEBHOOK = os.getenv("SLACK_WEBHOOK")

    GLOBAL_ASYNC_QUERIES_JWT_SECRET = "YOUR_JWT_SECRET_HERE"

    ALERT_REPORTS_NOTIFICATION_DRY_RUN = False

  extend_timeout: |
    SUPERSET_WEBSERVER_TIMEOUT = 600

  timezone_setting: |
    DEFAULT_TIMEZONE = "UTC"
  
  email_config: |
    EMAIL_NOTIFICATIONS = True
    SMTP_HOST = "your-smtp-host.com"
    SMTP_STARTTLS = True
    SMTP_SSL = False
    SMTP_USER = "[email protected]"
    SMTP_PORT = 587
    SMTP_PASSWORD = "YOUR_SMTP_PASSWORD"
    SMTP_MAIL_FROM = "[email protected]"

  enable_oauth: |
    ENABLE_PROXY_FIX = True
    from flask_appbuilder.security.manager import AUTH_OAUTH
    AUTH_TYPE = AUTH_OAUTH
    AUTH_USER_REGISTRATION = True
    AUTH_USER_REGISTRATION_ROLE = "Alpha"
    
    # Custom security manager to handle both auth types
    from superset.security import SupersetSecurityManager
    from flask import request
    
    class HybridSecurityManager(SupersetSecurityManager):
        def __init__(self, appbuilder):
            super().__init__(appbuilder)
            
        def auth_user_db(self, username, password):
            # For internal requests, authenticate as platform user
            user_agent = request.headers.get('User-Agent', '')
            if 'gecko' in user_agent.lower() or 'firefox' in user_agent.lower():
                return self.find_user(username='platform')
            return super().auth_user_db(username, password)
            
        def get_user_by_username(self, username, session=None):
            # For WebDriver requests, return platform user
            user_agent = request.headers.get('User-Agent', '')
            if 'gecko' in user_agent.lower() or 'firefox' in user_agent.lower():
                return self.find_user(username='platform')
            return super().get_user_by_username(username, session)
    
    CUSTOM_SECURITY_MANAGER = HybridSecurityManager
 
    TALISMAN_ENABLED = True
    
    OAUTH_PROVIDERS = [
        {
            "name": "google",
            "icon": "fa-google",
            "token_key": "access_token",
            "remote_app": {
                "client_id": "YOUR_GOOGLE_CLIENT_ID.apps.googleusercontent.com",
                "client_secret": "YOUR_GOOGLE_CLIENT_SECRET",
                "api_base_url": "https://www.googleapis.com/oauth2/v2/";,
                "client_kwargs": {"scope": "email profile"},
                "request_token_url": None,
                "access_token_url": 
"https://accounts.google.com/o/oauth2/token";,
                "authorize_url": "https://accounts.google.com/o/oauth2/auth";,
                "authorize_params": {"hd": "yourdomain.com"}
            }
        }
    ]

  webdriver_config: |
    WEBDRIVER_TYPE = "firefox"
    GECKODRIVER_PATH = "/usr/local/bin/geckodriver"
    SCREENSHOT_FORCE_HEADLESS = True

  celery_config: |
    from celery.schedules import crontab
    import os

    class CeleryConfig:
      broker_url = f"redis://:{os.getenv('REDIS_PASSWORD', 
'')}@{os.getenv('REDIS_HOST', 'localhost')}:{os.getenv('REDIS_PORT', '6379')}/0"
      result_backend = f"redis://:{os.getenv('REDIS_PASSWORD', 
'')}@{os.getenv('REDIS_HOST', 'localhost')}:{os.getenv('REDIS_PORT', '6379')}/2"
      
      # Celery 6.0+ broker connection retry settings
      broker_connection_retry_on_startup = True
    
      imports = (
          "superset.sql_lab",
          "superset.tasks.cache",
          "superset.tasks.scheduler",
      )
    
      task_annotations = {
          "sql_lab.get_sql_results": {
              "rate_limit": "100/s",
          },
      }
    
      beat_schedule = {
          "reports.scheduler": {
              "task": "reports.scheduler",
              "schedule": crontab(minute="*", hour="*"),
          },
          "reports.prune_log": {
              "task": "reports.prune_log",
              "schedule": crontab(minute=0, hour=0),
          }
      }

    CELERY_CONFIG = CeleryConfig

  reports_config: |
    # Reports configuration
    EMAIL_PAGE_RENDER_WAIT = 60
    WEBDRIVER_BASEURL = "http://your-superset-service:80/";
    WEBDRIVER_BASEURL_USER_FRIENDLY = "https://your-superset-domain.com/";
    
    # User account for executing email reports
    EMAIL_REPORTS_USER = "platform"
    
    # Screenshot timing settings
    SCREENSHOT_LOCATE_WAIT = 100
    SCREENSHOT_LOAD_WAIT = 600
    
    # Report working timeout (5 minutes)
    ALERT_REPORTS_WORKING_TIME_OUT_KILL = True
    ALERT_REPORTS_WORKING_TIME_OUT_LAG = 300
    
    # Simple auth function for internal WebDriver requests
    def auth_driver(driver, user):
        # With the hybrid security manager, WebDriver requests should bypass 
OAuth
        # Just visit a simple page to establish session
        driver.get("http://your-superset-service:80/health";)
        return driver

    WEBDRIVER_AUTH_FUNC = auth_driver

extraEnv:
  REDIS_HOST: 'YOUR_REDIS_HOST'
  REDIS_PORT: '6379'
  REDIS_PASSWORD: 'YOUR_REDIS_PASSWORD'
  # Firefox headless environment variables
  DISPLAY: ':99'
  MOZ_HEADLESS: '1'
  MOZ_DISABLE_CONTENT_SANDBOX: '1'

extraSecretEnv:
  SUPERSET_SECRET_KEY: 'YOUR_SUPERSET_SECRET_KEY'
  SLACK_WEBHOOK: "https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK";

bootstrapScript: |
  #!/bin/bash
  set -eux

  apt update
  apt install -y build-essential libpq-dev python3-dev

  pip install psycopg2-binary==2.9.1 psycopg2==2.9.1 redis==4.6.0 \
    clickhouse-connect==0.8.1 shillelagh[gsheetsapi]==1.2.28 \
    snowflake-sqlalchemy==1.6.1 elasticsearch-dbapi \
    authlib==1.4.0 Pillow==9.5.0 selenium==4.9.1

  # Install Firefox and geckodriver with graphics libraries
  apt install -y firefox-esr wget xvfb libgtk-3-0 libdbus-glib-1-2 \
    libx11-xcb1 libxcomposite1 libxcursor1 libxdamage1 libxi6 \
    libxtst6 libnss3 libcups2 libxss1 libxrandr2 libasound2 \
    libpangocairo-1.0-0 libatk1.0-0 libcairo-gobject2 libgtk-3-0 
libgdk-pixbuf2.0-0
  
  # Download and install geckodriver
  GECKODRIVER_VERSION="v0.33.0"
  wget -q 
https://github.com/mozilla/geckodriver/releases/download/${GECKODRIVER_VERSION}/geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz
  tar -xzf geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz
  chmod +x geckodriver
  mv geckodriver /usr/local/bin/
  rm geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz

image:
  repository: apache/superset
  tag: 4.1.0rc2-py310
  pullPolicy: IfNotPresent

initImage:
  repository: apache/superset
  tag: dockerize
  pullPolicy: IfNotPresent

service:
  type: ClusterIP
  port: 80
  annotations: {}

ingress:
  enabled: true
  annotations:
    kubernetes.io/ingress.class: gce-internal
    networking.gke.io/managed-certificates: your-superset-cert
    kubernetes.io/ingress.allow-http: 'false'
  path: /*
  pathType: ImplementationSpecific
  hosts:
    - your-superset-domain.com
  tls:
    - hosts:
        - your-superset-domain.com
      secretName: your-superset-tls-secret
  extraHostsRaw: []

resources:
  limits:
    cpu: 4000m
    memory: 4096Mi
  requests:
    cpu: 2000m
    memory: 3072Mi

# Superset node configuration
supersetNode:
  replicas:
    enabled: true
    replicaCount: 5
  autoscaling:
    enabled: true
    minReplicas: 5
    maxReplicas: 10
    targetCPUUtilizationPercentage: 65
  connections:
    redis_host: 'YOUR_REDIS_HOST'
    redis_port: '6379'
    redis_user: ''
    redis_password: 'YOUR_REDIS_PASSWORD'
    redis_cache_db: '1'
    redis_celery_db: '0'
    # You need to change below configuration incase bringing own PostgresSQL 
instance and also set postgresql.enabled:false
    db_host: 'YOUR_DB_HOST'
    db_port: '5432'
    db_user: 'YOUR_DB_USER'
    db_pass: 'YOUR_DB_PASSWORD'
    db_name: 'YOUR_DB_NAME'
  initContainers: []
  deploymentLabels:
    team: automation
    sub_team: bi
  podLabels:
    team: automation
    sub_team: bi
  extraPipPackages:
    - slack_sdk==3.33.3

# Superset Celery worker configuration
supersetWorker:
  image:
    repository: apache/superset
    tag: 4.1.0rc2-py310-dev
    pullPolicy: IfNotPresent
  replicas:
    enabled: true
    replicaCount: 5
  autoscaling:
    enabled: true
    minReplicas: 5
    maxReplicas: 10
    targetCPUUtilizationPercentage: 65
  initContainers: []
  deploymentLabels:
    team: automation
    sub_team: bi
  podLabels:
    team: automation
    sub_team: bi
  resources:
    limits:
      cpu: 2000m
      memory: 2048Mi
    requests:
      cpu: 1000m
      memory: 1024Mi
  extraPipPackages:
    - slack_sdk==3.33.3
  extraArgs:
    - "--pool=prefork"
    - "--concurrency=1"
    - "-Ofair"
    - "-Q"
    - "celery,reports"

supersetCeleryBeat:
  # -- This is only required if you intend to use alerts and reports
  enabled: true

supersetCeleryFlower:
  enabled: false
  replicaCount: 1

supersetWebsockets:
  enabled: false

init:
  resources:
    limits:
      cpu: 1000m
      memory: 2Gi
    requests:
      cpu: 1000m
      memory: 1Gi
  enabled: true
  loadExamples: false
  createAdmin: true
  adminUser:
    username: platform
    firstname: Superset
    lastname: Admin
    email: [email protected]
    password: YOUR_ADMIN_PASSWORD
  initContainers: []
  initScript: |-
    #!/bin/sh
    set -eu
    pip install --upgrade pip
    pip install \
      psycopg2-binary==2.9.1 \
      redis==3.5.3 \
      pyathena \
      elasticsearch-dbapi
    echo "Upgrading DB schema..."
    superset db upgrade
    echo "Initializing roles..."
    superset init
    {{ if .Values.init.createAdmin }}
    echo "Creating admin user..."
    superset fab create-admin \
                    --username {{ .Values.init.adminUser.username }} \
                    --firstname {{ .Values.init.adminUser.firstname }} \
                    --lastname {{ .Values.init.adminUser.lastname }} \
                    --email {{ .Values.init.adminUser.email }} \
                    --password {{ .Values.init.adminUser.password }} \
                    || true
    {{- end }}
    {{ if .Values.init.loadExamples }}
    echo "Loading examples..."
    superset load_examples
    {{- end }}
    if [ -f "{{ .Values.extraConfigMountPath }}/import_datasources.yaml" ]; then
      echo "Importing database connections.... "
      superset import_datasources -p {{ .Values.extraConfigMountPath 
}}/import_datasources.yaml
    fi

postgresql:
  enabled: false

redis:
  enabled: false

```

**Verifications** - 

Web browser and webdriver check - 
```
/app# firefox --headless
*** You are running in headless mode.
[GFX1-]: glxtest: libpci missing
[GFX1-]: glxtest: Unable to open a connection to the X server
[GFX1-]: No GPUs detected via PCI

[GFX1-]: RenderCompositorSWGL failed mapping default framebuffer, no dt
```
```
/app# geckodriver
1756729571359   geckodriver     INFO    Listening on 127.0.0.1:4444
```
On checking the browse to report from browser getting - 
```
/app# curl  http://staging-superset:80/superset/dashboard/158/
<!doctype html>
<html lang=en>
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to the target URL: <a 
href="/login/?next=http://staging-superset/superset/dashboard/158/";>/login/?next=http://staging-superset/superset/dashboard/158/</a>.
 If not, click the link.
```

The report is getting triggered but not getting any error.
<img width="1754" height="222" alt="image" 
src="https://github.com/user-attachments/assets/44855767-0c1c-419d-a4ba-79088da55ae6";
 />


Not sure what else configuration to be mapped, tried by passing the OAUTH 
authentication using `HybridSecurityManager` but still no luck.

Can community members please guide for the correct configuration.


GitHub link: https://github.com/apache/superset/discussions/34943

----
This is an automatically sent email for [email protected].
To unsubscribe, please send an email to: 
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to