Why `playload` field of `secrets` table store plain password

airbytehq / airbyte

The leading data integration platform for ETL / ELT data pipelines from APIs, databases & files to data warehouses, data lakes & data lakehouses. Both self-hosted and Cloud-hosted.

https://airbyte.com

Other

15.48k stars 3.99k forks source link

Why `playload` field of `secrets` table store plain password #14334

Open zczhuohuo opened 2 years ago

zczhuohuo commented 2 years ago

Tell us about the problem you're trying to solve

It turns out that playload field of secrets store plain password, while configuration field of actor table stores encrypted secrets. Is it this a design error?

Describe the solution you’d like

playload field of secrets should be encrypted as configuration field of actor table

Describe the alternative you’ve considered or used

None

Additional context

Are you willing to submit a PR?

marcosmarxm commented 2 years ago

Thanks for bringing this up @zczhuohuo. Airbyte moved from the config file system and now stores all secret and config in the database. There is a future step to obfuscate the secrets inside this table but today this is expected.