Fokko commented on issue #4225: [AIRFLOW-3383] Rotate fernet keys. URL: https://github.com/apache/incubator-airflow/pull/4225#issuecomment-441568755 Ideally, this isn't anything that I would use. In my case I would: - Don't store all the credentials in Airflow itself, but connect to an external credential system such as Google KMS, or Azure Keyvault, Hashicorp vault, etc. - When provisioning a new Airflow instance, first deploy it, and then set all the credentials again programmatically. We don't want to manually enter all the credentials because that is a very brittle process. Therefore this should be automated. If you update you Fernet key, you could update your credentials as well. What do you think?
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
