buschtoens opened a new issue, #31983: URL: https://github.com/apache/superset/issues/31983
### Bug description When using [`superset import_datasources`](https://github.com/apache/superset/blob/5fe6ef268ec5b136f911ccfe05fb8bdd7fc7a79f/docs/docs/configuration/importing-exporting-datasources.mdx#importing-datasources) the `sqlalchemy_uri` is imported as-is, without encrypting the password, keeping it as clear text. ### Steps to Reproduce 1. Create `/app/configs/import_datasources.yaml` (e.g. using [`extraConfigs`](https://github.com/apache/superset/blob/5fe6ef268ec5b136f911ccfe05fb8bdd7fc7a79f/docs/docs/installation/kubernetes.mdx#data-sources)). Include the full `sqlalchemy_uri` with clear text password. ```yaml databases: - database_name: Example sqlalchemy_uri: 'postgresql://user:[email protected]:5432/superset_data' cache_timeout: null expose_in_sqllab: true allow_run_async: false allow_ctas: true allow_cvas: true allow_dml: true allow_csv_upload: false extra: | { "metadata_params": {}, "engine_params": {}, "metadata_cache_timeout": {}, "schemas_allowed_for_csv_upload": [] } ``` 2. Import via [`init.initScript`](https://github.com/apache/superset/blob/5fe6ef268ec5b136f911ccfe05fb8bdd7fc7a79f/helm/superset/values.yaml#L773-L776) or manually: ```sh superset import_datasources -p /app/configs/import_datasources.yaml ``` ### Expectation - The password in the `sqlalchemy_uri` field in the `dbs` table is redacted, as if editing via the web UI. Example: `postgresql://user:[email protected]:5432/superset_data` - The `password` field in the `dbs` table is set to the respective encrypted password. - The DB connection works. ### Actual - The password in the `sqlalchemy_uri` field in the `dbs` table is kept as-is, readable in clear text, even in the web UI. Example: `postgresql://user:[email protected]:5432/superset_data` - The `password` field in the `dbs` table is kept as `NULL`. - The DB connection works nevertheless. ✅ ### Screenshots/recordings  ### Superset version 4.1.1 ### Python version Not applicable ### Node version Not applicable ### Browser Not applicable ### Additional context ### Use Case / Justification Automatically setting up data sources as part of a Helm chart deployment. ### Checklist - [x] I have searched Superset docs and Slack and didn't find a solution to my problem. - [x] I have searched the GitHub issue tracker and didn't find a similar bug report. - [x] I have checked Superset's logs for errors and if I found a relevant Python stacktrace, I included it here as text in the "additional context" section. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
