search

buildarr / buildarr-sonarr

Sonarr PVR plugin for Buildarr
https://buildarr.github.io/plugins/sonarr
GNU General Public License v3.0
2 stars 4 forks source link

Sonarr V4: Passwords and API keys are obfuscated #34

Open Callum027 opened 10 months ago

Callum027 commented 10 months ago

34

Sonarr V4 introduced a change where any passwords or API keys returned via the API (and to the UI) are obfuscated with * characters.

This makes it impossible to idempotently check and update resources with API keys or passwords in them.

I have created an issue upstream, to see if a solution to this issue can be reached.

Upstream issue: https://github.com/Sonarr/Sonarr/issues/6169

Callum027 commented 6 months ago

Upstream has decided on not providing a way to detect if a password was actually changed or not, but ensuring that notification connections, and other resources, are not re-tested if no parameters have changed.

This is not ideal, but I can rework the password handling to hopefully reduce the impact of this.

jvrobert commented 5 months ago

I had a related issue but I figured out it wasn't what I thought it was. Seems prowlarr is doing the same thing, so seems when you refetch to validate you get the '****' and it fails validation. I can open a separate ticket if you'd like but these all seem like same general issue.

2024-04-06 12:28:25,565 buildarr:1 buildarr.cli.run [INFO] <prowlarr> (default) Refetching remote configuration to delete unused resources
Traceback (most recent call last):
  File "/usr/local/bin/buildarr", line 8, in <module>
    sys.exit(main())
             ^^^^^^
  File "/usr/local/lib/python3.11/site-packages/click/core.py", line 1157, in __call__
    return self.main(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/click/core.py", line 1078, in main
    rv = self.invoke(ctx)
         ^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/click/core.py", line 1688, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
                           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/click/core.py", line 1434, in invoke
    return ctx.invoke(self.callback, **ctx.params)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/click/core.py", line 783, in invoke
    return __callback(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr/cli/run.py", line 101, in run
    _run(use_plugins)
  File "/usr/local/lib/python3.11/site-packages/buildarr/cli/run.py", line 273, in _run
    remote_instance_config = manager.from_remote(instance_config, instance_secrets)
                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr/manager/__init__.py", line 171, in from_remote
    return instance_config.from_remote(secrets)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr_prowlarr/config/__init__.py", line 169, in from_remote
    settings=ProwlarrSettings.from_remote(secrets),
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr/config/base.py", line 85, in from_remote
    fields[field_name] = field.type_.from_remote(secrets)
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr/config/base.py", line 85, in from_remote
    fields[field_name] = field.type_.from_remote(secrets)
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr_prowlarr/config/settings/apps/applications.py", line 695, in from_remote
    definitions={
                ^
  File "/usr/local/lib/python3.11/site-packages/buildarr_prowlarr/config/settings/apps/applications.py", line 698, in <dictcomp>
    ]._from_remote(
      ^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr_prowlarr/config/settings/apps/applications.py", line 178, in _from_remote
    return cls(
           ^^^^
  File "/usr/local/lib/python3.11/site-packages/pydantic/main.py", line 341, in __init__
    raise validation_error
pydantic.error_wrappers.ValidationError: 1 validation error for SonarrApplication
api_key
  ensure this value has at least 32 characters (type=value_error.any_str.min_length; limit_value=32)
Callum027 commented 4 months ago

Hi @jvrobert, thanks for reporting the issue, and sorry for the late reply.

I have had another user report the same thing regarding Prowlarr. I will make a new release of the Prowlarr plugin to resolve the issue in the interim, while I come up with a more permanent solution for handling this.

Callum027 commented 4 months ago

Hi @jvrobert, I have released a fix for this issue in the following packages:

Please let me know if this resolves your problem.