Closed MattTriano closed 1 year ago
Upon revisiting that process, it was actually pretty easy (for me, the original implementer) to add new configs, but it would be rather difficult to write clear documentation so that someone else could also easily extend it in a fork. In any case, I added a dev mode to make it easier for such forkers to experiment with adding env-vars without having to hide their existing .env files.
This current implementation shields the user from a lot of potential credential-related bugs, such as:
.env
file (as DWH_POSTGRES_xyz, for use in the connection string the Airflow containers need to set up the db connection via env-var rather than having the user manually define the connection through the UI) and in the separate env.dwh
file (as POSTGRES_xyz), anduid
into the .env
(so that airflow has permission to save and update data files on the host system), and a SECRET_KEY
(so that the flask webservers serving both the Airflow UI and Superset UI on the localhost
don't treat the other as a cross-site request forgery attacks).I still think there's got to be a better way to do this than having a user slog through 15+ prompts where they have to enter passwords, but I'm very pleased by the amount of complexity my implementation shields the user from.
This will involve (at least) adding these to the process and having them output to a
.env.superset
file.The setup process may be a bit cumbersome with these added to the process, and it felt barely maintainable when I initially implemented it. I should rethink the config secrecy strategy.