Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-15377

GET /connectors/{connector}/tasks-config endpoint exposes externalized secret values

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 3.6.0, 3.4.2, 3.5.2
    • connect
    • None

    Description

      The GET /connectors/{connector}/tasks-config endpoint added in https://cwiki.apache.org/confluence/display/KAFKA/KIP-661%3A+Expose+task+configurations+in+Connect+REST+API exposes externalized secret values in task configurations (see https://cwiki.apache.org/confluence/display/KAFKA/KIP-297%3A+Externalizing+Secrets+for+Connect+Configurations). A similar bug was fixed in https://issues.apache.org/jira/browse/KAFKA-5117 / https://github.com/apache/kafka/pull/6129 for the GET /connectors/{connector}/tasks endpoint. The config provider placeholder should be used instead of the resolved config value.

      Attachments

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            yash.mayya Yash Mayya
            yash.mayya Yash Mayya
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment