hussein-awala commented on code in PR #36801: URL: https://github.com/apache/airflow/pull/36801#discussion_r1452760548
########## docs/apache-airflow/authoring-and-scheduling/deferring.rst: ########## @@ -201,28 +201,10 @@ Sensitive information in triggers ''''''''''''''''''''''''''''''''' Triggers are serialized and stored in the database, so they can be re-instantiated on any triggerer process. This means that any sensitive information you pass to a trigger will be stored in the database. -If you want to pass sensitive information to a trigger, you can encrypt it before passing it to the trigger, and decrypt it inside the trigger, or update the argument name in the ``serialize`` method by adding ``encrypted__`` as a prefix, and Airflow will automatically encrypt the argument before storing it in the database, and decrypt it when it is read from the database. +Since Airflow 2.8.1, all the string values in the serialized trigger are encrypted before storing them in the database, and decrypted when they are read from the database. This means that the sensitive information is not stored in plain text in the database anymore. Review Comment: @ephraimbuddy in case you want to move it to 2.9.0, we need to commit this suggestion before merging. ```suggestion Since Airflow 2.9.0, all the string values in the serialized trigger are encrypted before storing them in the database, and decrypted when they are read from the database. This means that the sensitive information is not stored in plain text in the database anymore. ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
