You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by GitBox <gi...@apache.org> on 2020/05/22 13:53:03 UTC
[GitHub] [airflow] yerrysherry opened a new issue #8971: Problem when rotating the fernet keys
yerrysherry opened a new issue #8971:
URL: https://github.com/apache/airflow/issues/8971
$ airflow version
1.10.10
Database:
CentOS Linux release 7.6.1810 (Core),
Webserver - scheduler:
lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.2 LTS
Release: 18.04
Codename: bionic
Problem: Can not access connection after doing a: airflow rotate_fernet_key
1) Create a new connection in the web interface
Conn id: my_connection
Conn Type: HTTP
Password: my_connection
2) Check the database level
[local] postgres@airflow# select * from connection where conn_id='my_connection';
-[ RECORD 1 ]------+-----------------------------------------------------------------------------------------------------
id | 39
conn_id | my_connection
conn_type | http
host | (null)
schema | (null)
login | (null)
password | gAAAAABex9MvQLybzQxgGFmkzbiuLamA5Hy8lsVM3oB-MtHBHct-rkDrOkHNpOXfz53AdyiQnfLDTMDvS_e8_jebnd60kw3aNA==
port | (null)
extra |
is_encrypted | t
is_extra_encrypted | f
3) Rotate the fernet key. I did NOT change the airflow.cfg file!!!
$ airflow rotate_fernet_key
$ (no outpit)
4) Check the database level. The encrypted password is changed.
[local] postgres@airflow# select * from connection where conn_id='my_connection';
-[ RECORD 1 ]------+-----------------------------------------------------------------------------------------------------
id | 39
conn_id | my_connection
conn_type | http
host | (null)
schema | (null)
login | (null)
password | gAAAAABex9MvT44QG8BleLaqz8J60QSmP7n_VxHwTeqdewLC5ptPqabf0c5NpJ-G2zDusgOKY4Ahgun3LcXN4L5hIN3ocNf9YA==
port | (null)
extra |
is_encrypted | t
is_extra_encrypted | f
5) check the connection in the web interface.
No problem. I can check and edit connections
6) Create a new Fernet key and change the airflow.cfg file
$ python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
DWL8rqNtdosZa78qFWImXZC4ac8FhfvdkGEebHd-LMc=
fernet_key = DWL8rqNtdosZa78qFWImXZC4ac8FhfvdkGEebHd-LMc=,doZ11rM4IyvbQTegQa4jHWuUWkCgCb9zYsPWzL2QLO0=
7) Rotate the fernet key.
airflow@airflow-pr-1:~/airflow$ airflow rotate_fernet_key
airflow@airflow-pr-1:~/airflow$ (no output)
8) When you check now in the web browser. Every entry who was encrypted gets an
Ooops page
The only thing, I can do is restoring the database
Regards,
Gerrit
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [airflow] github-actions[bot] closed issue #8971: Problem when rotating the fernet keys
Posted by GitBox <gi...@apache.org>.
github-actions[bot] closed issue #8971:
URL: https://github.com/apache/airflow/issues/8971
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@airflow.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [airflow] boring-cyborg[bot] commented on issue #8971: Problem when rotating the fernet keys
Posted by GitBox <gi...@apache.org>.
boring-cyborg[bot] commented on issue #8971:
URL: https://github.com/apache/airflow/issues/8971#issuecomment-632701306
Thanks for opening your first issue here! Be sure to follow the issue template!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [airflow] eladkal commented on issue #8971: Problem when rotating the fernet keys
Posted by GitBox <gi...@apache.org>.
eladkal commented on issue #8971:
URL: https://github.com/apache/airflow/issues/8971#issuecomment-841013919
is the issue still happens on Airflow 2?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [airflow] github-actions[bot] commented on issue #8971: Problem when rotating the fernet keys
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on issue #8971:
URL: https://github.com/apache/airflow/issues/8971#issuecomment-869246033
This issue has been closed because it has not received response from the issue author.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@airflow.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [airflow] github-actions[bot] commented on issue #8971: Problem when rotating the fernet keys
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on issue #8971:
URL: https://github.com/apache/airflow/issues/8971#issuecomment-864478661
This issue has been automatically marked as stale because it has been open for 30 days with no response from the author. It will be closed in next 7 days if no further activity occurs from the issue author.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org