You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@flink.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/04/16 11:45:00 UTC
[jira] [Commented] (FLINK-8793) Hide key containing "secret" in web
interface
[ https://issues.apache.org/jira/browse/FLINK-8793?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16439321#comment-16439321 ]
ASF GitHub Bot commented on FLINK-8793:
---------------------------------------
GitHub user sihuazhou opened a pull request:
https://github.com/apache/flink/pull/5854
[FLINK-8793][REST] hidden key containing "secret" in web interface.
## What is the purpose of the change
Currently, we going in /jobmanager/config on the web interface, the value of the key containing "password" are replaced by "****"
When using s3 for checkpoint/savepoint configuration on an infrastructure which is not on AWS (where IAM is not possible), the s3.secret-key is revealed from the interface.
I propose the same behaviour as key with "password" for key with "secret"
## Brief change log
- *introduce `KEYS_TO_HIDDEN` in `ClusterConfigurationInfoTest` to define the keys need to be hidden, currently they are `"password"`, `"secret"`*
## Verifying this change
- *Added unit tests ClusterConfigurationInfoTest#testHiddenKey()*
## Does this pull request potentially affect one of the following parts:
- Dependencies (does it add or upgrade a dependency): (no)
- The public API, i.e., is any changed class annotated with `@Public(Evolving)`: (no)
- The serializers: (no)
- The runtime per-record code paths (performance sensitive): (no)
- Anything that affects deployment or recovery: JobManager (and its components), Checkpointing, Yarn/Mesos, ZooKeeper: (no)
- The S3 file system connector: (no)
## Documentation
no
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/sihuazhou/flink hideKeyContainingSecretInWebInterface
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/flink/pull/5854.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #5854
----
commit be420a80de7df90fc113e55af4a972258a9bcd30
Author: sihuazhou <su...@...>
Date: 2018-04-16T11:39:25Z
hidden key containing "secret" in web interface.
----
> Hide key containing "secret" in web interface
> ---------------------------------------------
>
> Key: FLINK-8793
> URL: https://issues.apache.org/jira/browse/FLINK-8793
> Project: Flink
> Issue Type: Bug
> Components: REST
> Affects Versions: 1.4.1
> Reporter: Etienne CARRIERE
> Priority: Critical
> Fix For: 1.5.0
>
>
> Currently, we going in /jobmanager/config on the web interface, the value of the key containing "password" are replaced by "****"
> When using s3 for checkpoint/savepoint configuration on an infrastructure which is not on AWS (where IAM is not possible), the s3.secret-key is revealed from the interface.
> I propose the same behaviour as key with "password" for key with "secret"
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)