[FLINK-14047] Hide secret values when displaying user configuration/global job parameters in web UI - ASF JIRA

Agile Board

Rank to Top

Rank to Bottom

Attach files

Attach Screenshot

Bulk Copy Attachments

Bulk Move Attachments

Voters

Watch issue

Watchers

Create sub-task

Convert to sub-task

Link

Clone

Labels

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Closed
Priority: Major
Resolution: Implemented
Affects Version/s: 1.8.1, 1.9.0, 1.10.0
Fix Version/s: 1.10.0
Component/s: Runtime / REST, Runtime / Web Frontend
Labels:
- pull-request-available

Description

A user requested the feature to hide secret values when displaying the user configuration/global job parameters in the web UI. Ideally, there is a way to denote keys which contain secret values so that the JobConfigHandler excludes them from the response.

For the cluster level configuration Flink supports a similar functionality. The ClusterConfigHandler replaces the values of all keys which contain one of the strings specified in GlobalConfiguration.SENSITIVE_KEYS, which is currently defined as ["password", "secret"], with GlobalConfiguration.HIDDEN_CONTENT. That way Flink hides the sensitive information.