suneet-s commented on a change in pull request #9432: Web console: expose props
for S3
URL: https://github.com/apache/druid/pull/9432#discussion_r394025566
##########
File path: web-console/src/views/load-data-view/load-data-view.tsx
##########
@@ -1076,11 +1076,21 @@ export class LoadDataView extends
React.PureComponent<LoadDataViewProps, LoadDat
<LearnMore href={getIngestionDocLink(spec)} />
</Callout>
{ingestionComboType ? (
- <AutoForm
- fields={getIoConfigFormFields(ingestionComboType)}
- model={ioConfig}
- onChange={c => this.updateSpecPreview(deepSet(spec,
'spec.ioConfig', c))}
- />
+ <>
+ <AutoForm
+ fields={getIoConfigFormFields(ingestionComboType)}
+ model={ioConfig}
+ onChange={c => this.updateSpecPreview(deepSet(spec,
'spec.ioConfig', c))}
+ />
+ {deepGet(spec,
'spec.ioConfig.inputSource.properties.secretAccessKey.password') && (
+ <FormGroup>
+ <Callout intent={Intent.WARNING}>
+ Inlining the access key into the ingestion spec is
dangerous as it might appear
+ in server log files and can be seen by anyone accessing
this console.
Review comment:
@maytasm3 are you worried that the environment password provider might go
away in the future? Or that we might provide a better way in the future and
this text will be out of sync.
The reason I thought of this was because if I landed on this page, and saw
the warning as is - I'd feel like I was at a dead end without an idea of how to
proceed
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
