Prowlarr v1.13: Passwords and API keys are obfuscated in API responses

[Callum027]

Prowlarr v1.13 introduced a change where any passwords or API keys returned via the API (and to the UI) are obfuscated with * characters.

This makes it impossible to idempotently check and update resources with API keys or passwords in them. It also means the values returned by the API no longer satisfy the value constraints Buildarr places on the configuration.

2024-04-25 15:32:04,558 buildarr:82 buildarr.cli.run [INFO] Finished updating configuration on remote instances
2024-04-25 15:32:04,559 buildarr:82 buildarr.cli.run [INFO] Deleting unmanaged/unused resources on remote instances
2024-04-25 15:32:04,559 buildarr:82 buildarr.cli.run [INFO] <prowlarr> (default) Refetching remote configuration to delete unused resources
Traceback (most recent call last):
  File "/usr/local/bin/buildarr", line 8, in <module>
    sys.exit(main())
             ^^^^^^
  File "/usr/local/lib/python3.11/site-packages/click/core.py", line 1157, in __call__
    return self.main(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/click/core.py", line 1078, in main
    rv = self.invoke(ctx)
         ^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/click/core.py", line 1688, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
                           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/click/core.py", line 1434, in invoke
    return ctx.invoke(self.callback, **ctx.params)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/click/core.py", line 783, in invoke
    return __callback(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr/cli/run.py", line 101, in run
    _run(use_plugins)
  File "/usr/local/lib/python3.11/site-packages/buildarr/cli/run.py", line 273, in _run
    remote_instance_config = manager.from_remote(instance_config, instance_secrets)
                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr/manager/__init__.py", line 171, in from_remote
    return instance_config.from_remote(secrets)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr_prowlarr/config/__init__.py", line 169, in from_remote
    settings=ProwlarrSettings.from_remote(secrets),
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr/config/base.py", line 85, in from_remote
    fields[field_name] = field.type_.from_remote(secrets)
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr/config/base.py", line 85, in from_remote
    fields[field_name] = field.type_.from_remote(secrets)
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr_prowlarr/config/settings/apps/applications.py", line 695, in from_remote
    definitions={
                ^
  File "/usr/local/lib/python3.11/site-packages/buildarr_prowlarr/config/settings/apps/applications.py", line 698, in <dictcomp>
    ]._from_remote(
      ^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr_prowlarr/config/settings/apps/applications.py", line 178, in _from_remote
    return cls(
           ^^^^
  File "pydantic/main.py", line 341, in pydantic.main.BaseModel.__init__
pydantic.error_wrappers.ValidationError: 1 validation error for RadarrApplication
api_key
  ensure this value has at least 32 characters (type=value_error.any_str.min_length; limit_value=32)

As a temporary workaround to get Buildarr working for users again, loosen the restrictions

Related:

• https://github.com/buildarr/buildarr-sonarr/issues/34
• https://github.com/buildarr/buildarr-radarr/issues/20
• https://github.com/buildarr/buildarr/discussions/198