What would you like to happen?
I currently have a large number of projects that I'm migrating from Pentaho to Hop and I would like to replace Obfuscation Encoding with AES2 Encoding however I need separate keys per project and environment.
To support this and to better improve security when running Hop via a Kubernetes container I am proposing the following solutions:
- Add a new HOP_AES_ENCODER_KEY_FILE property which is the resolved path to a file containing the AES key
- Add init(String passwordEncoderPluginID, IVariables variables) to org.apache.hop.core.encryption.ITwoWayPasswordEncoder interface and update existing implementations of Two Way Password Encoder
- Update org.apache.hop.projects.project.Project.modifyVariables() to call Encr.init(passwordEncoderPluginID, variables) after described variables have been read.
Then in env-config.json the variable HOP_PASSWORD_ENCODER_PLUGIN=AES and HOP_AES_ENCODER_KEY_FILE=${PROJECT_HOME}/.aes.key could be set and when a new project/environment is selected from the GUI it will reinitialise the ITwoWayPasswordEncoder with the appropriate values.
Issue Priority
Priority: 3
Issue Component
Component: Hop Gui
What would you like to happen?
I currently have a large number of projects that I'm migrating from Pentaho to Hop and I would like to replace Obfuscation Encoding with AES2 Encoding however I need separate keys per project and environment.
To support this and to better improve security when running Hop via a Kubernetes container I am proposing the following solutions:
Then in env-config.json the variable HOP_PASSWORD_ENCODER_PLUGIN=AES and HOP_AES_ENCODER_KEY_FILE=${PROJECT_HOME}/.aes.key could be set and when a new project/environment is selected from the GUI it will reinitialise the ITwoWayPasswordEncoder with the appropriate values.
Issue Priority
Priority: 3
Issue Component
Component: Hop Gui