[GitHub] feng-tao commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY
feng-tao commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY URL: https://github.com/apache/incubator-airflow/pull/3738#issuecomment-412982701 sounds good @ashb . Let's go ahead to merge this pr to unblock master and document the functionality you mentioned later. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] feng-tao commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY
feng-tao commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY URL: https://github.com/apache/incubator-airflow/pull/3738#issuecomment-412982734 thanks @XD-DENG for fixing the issue. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] feng-tao commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY
feng-tao commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY URL: https://github.com/apache/incubator-airflow/pull/3738#issuecomment-412609075 IMO, I would prefer to revert the orignal prs and improve the secret_key config documentation. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] feng-tao commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY
feng-tao commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY URL: https://github.com/apache/incubator-airflow/pull/3738#issuecomment-412608140 looking at this https://github.com/apache/incubator-airflow/pull/3651 pr, I am wondering whether we could do better than use random function to assign the value to secret_key. I felt the better approach is to have a random key store in an internal key management service(this should be common for company, lyft uses https://github.com/lyft/confidant) and assign it to secret_key in the config file. This will make sure the key is random but uniform across all the webservers. What do you think @Fokko , @XD-DENG ? This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] feng-tao commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY
feng-tao commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY URL: https://github.com/apache/incubator-airflow/pull/3738#issuecomment-412192087 hey @XD-DENG , it seems that it will still be an issue if we have a cluster for webservers based on the comment in https://issues.apache.org/jira/browse/AIRFLOW-2866. What do you think? cc @Fokko , @kaxil as they comment / approve the original prs. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services