Magnus Runesson created AIRFLOW-4097:
----------------------------------------
Summary: Password printed out when adding connection
Key: AIRFLOW-4097
URL: https://issues.apache.org/jira/browse/AIRFLOW-4097
Project: Apache Airflow
Issue Type: Bug
Components: cli, security
Affects Versions: 1.10.2
Environment: Docker/Debian
Reporter: Magnus Runesson
h3. What happens
When adding a connection, including a password, via the airflow cli the
password is printed to stdout.
h3. Expected behaviour
Password is masked when printing to screen.
h3. Example how it is today
{{$ airflow connections -a --conn_id slack
--conn_host=https://hooks.slack.com/services --conn_type=http
--conn_password=MYPASSWORD}}
{{[2019-03-15 12:47:06,397] \{settings.py:174} INFO - settings.configure_orm():
Using pool settings. pool_size=5, pool_recycle=1800, pid=228}}
{{[2019-03-15 12:47:06,880] \{__init__.py:51} INFO - Using executor
LocalExecutor}}
{{[2019-03-15 12:47:07,890] \{models.py:169} WARNING - empty cryptography key -
values will not be stored encrypted.}}{{Successfully added `conn_id`=slack :
[*http://:MYPASSWORD@https*://hooks.slack.com/services:|http://:MYPASSWORD@https//hooks.slack.com/services:]}}
MYPASSWORD shall not be printed on the last line.
h3. Expected output
{{$ airflow connections -a --conn_id slack
--conn_host=https://hooks.slack.com/services --conn_type=http
--conn_password=MYPASSWORD}}
{{[2019-03-15 12:47:06,397] \{settings.py:174} INFO - settings.configure_orm():
Using pool settings. pool_size=5, pool_recycle=1800, pid=228}}
{{[2019-03-15 12:47:06,880] \{__init__.py:51} INFO - Using executor
LocalExecutor}}
{{[2019-03-15 12:47:07,890] \{models.py:169} WARNING - empty cryptography key -
values will not be stored encrypted.}}{{Successfully added `conn_id`=slack :
*http://:******@https*://hooks.slack.com/services:}}
MYPASSWORD is here replaced with a number of * on the last line.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
