rusackas commented on code in PR #40649:
URL: https://github.com/apache/superset/pull/40649#discussion_r3338272222
##########
superset/initialization/__init__.py:
##########
@@ -691,6 +695,32 @@ def check_guest_token_secret(self) -> None:
)
sys.exit(1)
+ def check_async_query_secret(self) -> None:
+ """Refuse to start with the default async JWT secret when GAQ is
enabled."""
+ if not feature_flag_manager.is_feature_enabled("GLOBAL_ASYNC_QUERIES"):
+ return
+ if (
+ self.config.get("GLOBAL_ASYNC_QUERIES_JWT_SECRET")
+ != CHANGE_ME_GLOBAL_ASYNC_QUERIES_JWT_SECRET
+ ):
+ return
+ self._log_config_warning(
+ "GLOBAL_ASYNC_QUERIES is enabled but
GLOBAL_ASYNC_QUERIES_JWT_SECRET "
+ "has not been changed from its default value.\n"
+ "The default value is publicly known and must be replaced before "
+ "running in production.\n"
+ "Set a strong random value (at least 32 bytes) in
superset_config.py:\n"
+ " GLOBAL_ASYNC_QUERIES_JWT_SECRET = "
+ "'<output of: openssl rand -base64 42>'"
+ )
+ if self.superset_app.debug or self.superset_app.config["TESTING"] or
is_test():
+ return
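Review bot: the guard compares the secret only against the `CHANGE_ME_GLOBAL_ASYNC_QUERIES_JWT_SECRET` sentinel, so a missing key (`self.config.get(...)` returning `None`) or a short value passes silently even though the warning text asks for "at least 32 bytes"; consider binding the value once and rejecting both cases, e.g. `secret = self.config.get("GLOBAL_ASYNC_QUERIES_JWT_SECRET")` followed by `if secret and secret != CHANGE_ME_GLOBAL_ASYNC_QUERIES_JWT_SECRET and len(secret) >= 32: return`. The debug/`TESTING`/`is_test()` return also sits after `_log_config_warning`, so every test run with the flag enabled logs the full multi-line message; if that noise is unwanted, move the exemption ahead of the warning.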
Review Comment:
Valid concern. The early return in debug/testing mode means the default
secret value still reaches configure_async_queries() later. However, that path
is already guarded by the GLOBAL_ASYNC_QUERIES feature flag check in init_app —
if the flag is disabled, init_app exits early. If the flag is enabled in debug
mode with the default secret, the warning is intentional rather than a hard
stop. The strict rejection applies only in production as documented.
--
This is an automated message from the Apache Git Service.