Skip to content

Ignore DAG content in Create Workflow API

Abhiman Neelakanteswara requested to merge feature/ignore_dag_content into master


POST /workflow API used to create new workflows accepts python script under dagContent attribute. As there is no vulnerability scan done on this script presently, it poses a security concern of malicious script injection.


To temporarily handle this concern until a more robust solution is in place, the dagContent is being ignored based on value to be set in of the provider module before deploying. For ease of setting this variable, it has been made an deployment environment variable as ignore_dagContent

Edited by Abhiman Neelakanteswara

Merge request reports