♻️ Changed credentials logic in sap_rfc to get credentials from KeyVault #866
Conversation
adrian-wojcik
changed the title
viadot/tasks/sap_rfc.py
Outdated
| saprfc_credentials_key (str, optional): Azure KV secret. Defaults to "SAP". | ||
| env (str, optional): SAP environment. Defaults to "PROD". | ||
| By default, they're taken from the local viadot config. |
There was a problem hiding this comment.
You can modify the docstring because it is a key for the credentials - it can be taken from Azure Key Vault or local config. It depends on what is possible.
Please change for the source and flow as well.
There was a problem hiding this comment.
Changed in task and flow
viadot/tasks/sap_rfc.py
Outdated
| @@ -97,6 +110,9 @@ def run( | |||
| multiple options are automatically tried. Defaults to None. | |||
| replacement (str, optional): In case of sep is on a columns, set up a new character to replace | |||
| inside the string to avoid flow breakdowns. Defaults to "-". | |||
| credentials (dict, optional): The credentials to use to authenticate with SAP. | |||
There was a problem hiding this comment.
| credentials (dict, optional): The credentials to use to authenticate with SAP. | |
| credentials (dict, optional): The credentials to use to authenticate with SAP. Defaults to None. |
There was a problem hiding this comment.
Changed docstring to the old one from flow. And variable name from 'credentials' to 'sap_credentials'
…dentias_key' variables into source class
️✅ There are no secrets present in this pull request anymore.If these secrets were true positive and are still valid, we highly recommend you to revoke them. 🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request. |
viadot/flows/sap_rfc_to_adls.py
Outdated
| @@ -67,6 +69,8 @@ def __init__( | |||
| ... | |||
| ) | |||
| sap_credentials (dict, optional): The credentials to use to authenticate with SAP. By default, they're taken from the local viadot config. | |||
| sap_credentials_key (str, optional): The key for sap credentials located in the local config for Azure Key Vault. Defaults to "SAP". | |||
There was a problem hiding this comment.
I made a wrong suggestion here. Please change for the rest.
| sap_credentials_key (str, optional): The key for sap credentials located in the local config for Azure Key Vault. Defaults to "SAP". | |
| sap_credentials_key (str, optional): The key for sap credentials located in the local config or Azure Key Vault. Defaults to "SAP". |
viadot/tasks/sap_rfc.py
Outdated
| @@ -97,6 +110,9 @@ def run( | |||
| multiple options are automatically tried. Defaults to None. | |||
| replacement (str, optional): In case of sep is on a columns, set up a new character to replace | |||
| inside the string to avoid flow breakdowns. Defaults to "-". | |||
| sap_credentials (dict, optional): The credentials to use to authenticate with SAP. By default, they're taken from the local viadot config. | |||
There was a problem hiding this comment.
In this case by default it is taken from KeyVault (lines 136-141). Default is None and it is taken from KeyVault here in task or local config on the 'source' level (SAPRFC class). Please take a look and adjust docstring.
Summary
Adding additional logic and parameters to sap_rfc connector in order to retrieve credentials from Azure KeyVault.
Importance
Because, it enhances security by securely storing and managing sensitive information, eliminating the need for local storage of such data. Secondly, making Azure Key Vault the primary data source introduces flexibility, enabling seamless updates and rotation of keys and secrets without requiring modifications to the application code, thereby enhancing security levels and facilitating configuration management.
Checklist
This PR:
CONTRIBUTING.mdCHANGELOG.md