potiuk opened a new issue, #59838: URL: https://github.com/apache/airflow/issues/59838
### Body We agreed via [LAZY CONSENSUS](https://lists.apache.org/thread/3dhzqvpw4z2x0wfokpmdncsjwws86zcs) that we will not espose sensitive information over the public API (exception is task-sdk API). This is a meta-issue describing what needs to be done. Sub-issues are created to complete the work. This means: 1) we want to make it crystal clear that no APIs ever expose sensitive data 2) we should remove export (import can stay) via UI - and leave a comment that export is only available via local CLI 3) the "sensitive data not exposed over API" is also present in airflow-ctl - this means that airflow-ctl should never expose sensitive data (including connections, variables, config, export) 4) the "expose config" [5] - will only accept "false" and "non-sensitive-only". The "true" will be rejected. There is also an impact to local CLI, even if local CLI user has access to all data anyway: 5) local CLI * list (connections, variables, config) only by default returns "keys" - and it will only return values when `--show-values` is passed as command line option (with clear comment in help that this option **might** show sensitive data, also when we do `* list` command without `--show-values` we emit stderr output explaining that potentially sensitive data is hidden and you need to specify `--show-values` to see them 6) the local CLI * get commands are unaffected (those are more likely already used as CLI API 7) we remove connections list --conn-id as it is equivalent to connections get ### Committer - [x] I acknowledge that I am a maintainer/committer of the Apache Airflow project. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
