[
https://issues.apache.org/jira/browse/FLINK-36456?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ASF GitHub Bot updated FLINK-36456:
-----------------------------------
Labels: pull-request-available (was: )
> Improve Security in DatadogHttpReporterFactory by providing ENV alternative
> to retrieve API key
> -----------------------------------------------------------------------------------------------
>
> Key: FLINK-36456
> URL: https://issues.apache.org/jira/browse/FLINK-36456
> Project: Flink
> Issue Type: Improvement
> Components: Runtime / Configuration
> Reporter: Raul Garcia
> Priority: Minor
> Labels: pull-request-available
>
> The current implementation of the {{DatadogHttpReporterFactory}} class
> retrieves the Datadog API key from the Flink configuration. In Kubernetes
> environments, this typically means storing the API key in ConfigMaps, which
> can expose sensitive information in plain text. Since ConfigMaps are not
> designed to hold secrets, this approach poses potential security risks.
> My proposal is to fallback to {{DD_API_KEY}} which is the standard way of
> passing the API key to containers and it's usually available in the
> environment.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
