[14:03:00] Andrew from WMDE is trying to set up some webhook between their airflow-wmde instance and the WMDE mattermost instance, which is exposed at mattermost.wikimedia.de. Egressing to that domain does not seem to be working, even when allowing egress to the underlying IP/443. Is there a way to allow that particular traffic?
[14:03:38] would it require adding `wikimedia.de` to our `no_proxy` rule?
[14:06:35] what is the use case? Notify WMDE when airflow jobs are completed?
[14:07:01] and I guess mattermost is not hosted in production right?
[14:07:38] yes, they want to get a notification when a DAG is done (meaning that a dataset is available)
[14:07:48] and correct, this is not hosted in our production network
[14:08:01] otherwise a simple networkpolicy would do the trick
[14:08:18] I would personally prefer not to have our k8s pods reach out to an outside-of-prod IP for something like this
[14:08:55] (they have a plan B in which an email would be sent to some mailing list, if the feeling is that we shouldn't do this)
[14:09:10] I think it would be much better :)
[14:09:18] at least for me, others may disagree
[14:09:45] understood! I'll let others chime in if they want
[14:09:59] thanks for the feedback (which I agree with as well TBH)
[14:31:42] otherwise yeah, you need to use the proxies
[14:31:58] but obviously best security-wise if we don't
[15:38:26] just chiming in with the rest to point out that it's better to avoid reaching out to the mattermost instance from our prod. Falling back to email sounds preferable
[18:23:17] well received and communicated, thanks everyone!