exceptionfactory commented on pull request #4857: URL: https://github.com/apache/nifi/pull/4857#issuecomment-805814048
Just to summarize the latest changes, after some additional discussion with @markap14, he suggested that implementing a simplified command for setting the Sensitive Properties Key to make the migration path easier for current users with blank keys. The most recent commit includes an update to `nifi.sh` to support the following: `nifi.sh set-sensitive-properties-key <sensitivePropertiesKey>` The script passes the new key to the command class, which reads the current key from `nifi.properties` and falls back to the internal default value if the existing value is blank. This approach required refactoring the PropertyEncryptor classes to a separate module named `nifi-property-encryptor`. The new command class is located under `nifi-flow-encryptor`. The existing `ConfigEncryptionTool` continues to work, but contained a lot of the same code, so this change provided an opportunity to refactor `ConfigEncryptionTool` to leverage the `PropertyEncryptor` interface. This simplifies `ConfigEncryptionTool` and also removes code that diverged from the standard property encryption approach. With these changes, the Admin Guide now includes a new section describing the `set-sensitive-properties-key` command. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
