github-advanced-security[bot] commented on code in PR #46891:
URL: https://github.com/apache/airflow/pull/46891#discussion_r2206000404
##########
kubernetes-tests/tests/kubernetes_tests/test_base.py:
##########
@@ -60,13 +61,22 @@
temp_dir = Path(tempfile.gettempdir()) # Refers to global temp directory,
in linux it usual "/tmp"
session: requests.Session
test_id: str
+ use_fab_auth_manager: bool = os.environ.get("USE_FAB_AUTH_MANAGER",
"true").lower() == "true"
+ password: str = "admin" # Default password for FAB auth manager
@pytest.fixture(autouse=True)
def base_tests_setup(self, request):
# Replacement for unittests.TestCase.id()
self.test_id = f"{request.node.cls.__name__}_{request.node.name}"
# Ensure the api-server deployment is healthy at kubernetes level
before calling the any API
self.ensure_resource_health("airflow-api-server")
+ if not self.use_fab_auth_manager:
+ # If we are not using FAB auth manager, we need to retrieve the
admin password from
+ # the airflow-api-server pod
+ self.password =
self.get_generated_admin_password(namespace="airflow")
+ print(f"Using retrieved admin password for API calls:
{self.password}")
Review Comment:
## Clear-text logging of sensitive information
This expression logs [sensitive data (password)](1) as clear text.
[Show more
details](https://github.com/apache/airflow/security/code-scanning/501)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
