Skip to content

Add integration tests for config sensitive masking in airflowctl #61105

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Subham-KRLX wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Add integration tests for config sensitive masking in airflowctl #61105

Subham-KRLX wants to merge 3 commits into from
+110 −0

Conversation

@Subham-KRLX
Copy link
Contributor

@Subham-KRLX Subham-KRLX commented Jan 27, 2026

Description

Added integration tests to verify sensitive config values are properly masked end-to-end when using airflowctl with actual Airflow API.

The Airflow API masks sensitive values (like fernet_key, sql_alchemy_conn) as < hidden >. These integration tests confirm that airflowctl correctly preserves and displays those masked values in real scenarios.

Changes

  • Added test_config_sensitive_masking.py to airflow-ctl-tests
  • 3 integration test cases covering:
    • config list command
    • config get for fernet_key
    • config get for sql_alchemy_conn
  • Tests run against actual docker-compose Airflow environment
  • Verifies < hidden > appears in output for sensitive configs

Related PRs

Related Issue

Closes #59843

Testing

# Run from airflow-ctl-tests directory
pytest tests/airflowctl_tests/test_config_sensitive_masking.py -v

@potiuk
Copy link
Member

potiuk commented Jan 27, 2026

Some static checks fail

@Subham-KRLX
Copy link
Contributor Author

Subham-KRLX commented Jan 27, 2026

@potiuk Thanks for pointing that out. I have fixed the static check failures (import sorting) and verified everything locally with pre-commit. The changes are pushed and CI should pass now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@potiuk potiuk Awaiting requested review from potiuk potiuk is a code owner

@ashb ashb Awaiting requested review from ashb ashb is a code owner

@gopidesupavan gopidesupavan Awaiting requested review from gopidesupavan gopidesupavan is a code owner

@amoghrajesh amoghrajesh Awaiting requested review from amoghrajesh amoghrajesh is a code owner

@bugraoz93 bugraoz93 Awaiting requested review from bugraoz93 bugraoz93 is a code owner

@kaxil kaxil Awaiting requested review from kaxil kaxil is a code owner

@jason810496 jason810496 Awaiting requested review from jason810496 jason810496 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Remove config sensitive data from airflowctl

2 participants

@Subham-KRLX @potiuk