kaxil commented on issue #8421: URL: https://github.com/apache/airflow/issues/8421#issuecomment-812514123
> Makes sense as well. Do you think there should be some kind of sensitive field naming convention (e.g. leading underscore as suggested previously) and separate permissions to control “public” and sensitive field visibilities, or just one blanket permission for all fields would suffice? re: Naming convention The problem with that is that it is too big of a change and affects all the Operators as `template_field`, example: https://github.com/apache/airflow/blob/4d1b2e985492894e6064235688cf8f381b1e8858/airflow/operators/bash.py#L127-L146 and that it varies sometimes per user, as they might pass a sensitive value to BashOperator via a connection/variable to use an environment variable containing sensitive information. Hence I think the blanket permission for all field should suffice -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
