Skip to content

Ignore DAG content in Create Workflow API

Abhiman Neelakanteswara requested to merge feature/ignore_dag_content into master

Motivation

POST /workflow API used to create new workflows accepts python script under dagContent attribute. As there is no vulnerability scan done on this script presently, it poses a security concern of malicious script injection.

Changes

To temporarily handle this concern until a more robust solution is in place, the dagContent is being ignored based on osdu.azure.airflow.ignoreDagContent value to be set in application.properties of the provider module before deploying. For ease of setting this variable, it has been made an deployment environment variable as ignore_dagContent

Edited by Abhiman Neelakanteswara

Merge request reports