jedcunningham commented on code in PR #31820:
URL: https://github.com/apache/airflow/pull/31820#discussion_r1224769472
##########
tests/core/test_configuration.py:
##########
@@ -1447,3 +1448,36 @@ def test_future_warning_only_for_code_ref(self, key):
w = captured.pop()
assert "your `conf.get*` call to use the new name" in
str(w.message)
assert w.category == FutureWarning
+
+
+def test_sensitive_values():
+ from airflow.settings import conf
+
+ # this list was hardcoded prior to 2.6.2
+ # included here to avoid regression in refactor
+ # inclusion of keys ending in "password" or "kwargs" is automated from
2.6.2
+ # items not matching this pattern must be added here manually
+ sensitive_values = {
+ ("database", "sql_alchemy_conn"),
+ ("core", "fernet_key"),
+ ("celery", "broker_url"),
+ ("celery", "flower_basic_auth"),
+ ("celery", "result_backend"),
+ ("atlas", "password"),
+ ("smtp", "smtp_password"),
+ ("webserver", "secret_key"),
+ ("secrets", "backend_kwargs"),
+ # The following options are deprecated
+ ("core", "sql_alchemy_conn"),
+ ("database", "sql_alchemy_engine_args"),
+ ("sentry", "sentry_dsn"),
Review Comment:
These aren't deprecated? Move them up.
There is probably a deprecated peer for the engine args though.
##########
airflow/config_templates/config.yml:
##########
@@ -662,6 +663,7 @@ logging:
log files will be deleted after they are uploaded to remote location.
version_added: 2.6.0
type: string
+ sensitive: true
Review Comment:
Does this one need to be sensitive too?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
