From e3218dc1c1808ea3fc7803d669070b16a4fd7457 Mon Sep 17 00:00:00 2001 From: Marco Donadoni Date: Thu, 16 May 2024 10:15:26 +0200 Subject: [PATCH] fix(config): read secret key from env (#475) Make sure the secret key is propagated to the Flask app, instead of incorrectly using the default one. --- reana_job_controller/config.py | 9 +++++++++ reana_job_controller/factory.py | 1 - 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/reana_job_controller/config.py b/reana_job_controller/config.py index ae46ee99..c4211555 100644 --- a/reana_job_controller/config.py +++ b/reana_job_controller/config.py @@ -9,11 +9,20 @@ """Flask application configuration.""" import os +import secrets from reana_commons.config import REANA_COMPONENT_PREFIX from werkzeug.utils import import_string + +SECRET_KEY = os.getenv("REANA_SECRET_KEY", secrets.token_hex()) +"""Secret key used for the application user sessions. + +A new random key is generated on every start of job-controller, but this is not an +issues as job-controller is never restarted (and thus the secret never changes) +during the execution of a single workflow.""" + CACHE_ENABLED = False """Determines if jobs caching is enabled.""" diff --git a/reana_job_controller/factory.py b/reana_job_controller/factory.py index 82694734..9d98f337 100644 --- a/reana_job_controller/factory.py +++ b/reana_job_controller/factory.py @@ -48,7 +48,6 @@ def create_app(config_mapping=None): """Create REANA-Job-Controller application.""" logging.basicConfig(level=REANA_LOG_LEVEL, format=REANA_LOG_FORMAT) app = Flask(__name__) - app.secret_key = "mega secret key" app.session = Session app.config.from_object(config) if config_mapping: