Skip to content

26.3 -> 0.0.0-dev SECRET_KEY rotation breaks stacklet #753

Description

@sbernauer

Reported in https://stackable-workspace.slack.com/archives/C0AV49795HQ/p1783672917029649

This might also affect Airflow

Affected Stackable version

0.0.0-dev

Affected Apache Superset version

No response

Current and expected behavior

We have a bug when upgrading Superset from 26.3 to nightly. Due to #722 we rotate the SECRET_KEY, resulting in

File "/stackable/app/lib64/python3.12/site-packages/sqlalchemy_utils/types/encrypted/encrypted_type.py", line 128, in decrypt
    raise ValueError('Invalid decryption key')

Possible solution

I guess our operator should carry over the existing connections.secretKey or default to a random secret when creating the superset-secret-key Secret.

Workaround

If you want to temporarily work around it, put your old secretKey (in demos often supersetSecretKey) in the Secret superset-secret-key below SECRET_KEY. It will contain a random value which you override.

Additional context

No response

Environment

No response

Would you like to work on fixing this bug?

yes

Metadata

Metadata

Assignees

Type

No type

Fields

No fields configured for issues without a type.

Projects

Status
Development: In Progress

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions