The application writes the database password (from the DB_USER_PASSWORD environment variable) into the Dropwizard runtime YAML configuration without quoting. Passwords containing YAML special characters ([ ] { } # etc) cause a parse failure at startup:
Malformed YAML at line: 209, column: 49; while parsing a flow sequence
password: [eUtyO5BWqQ07+s#rg!K8c3LGQW=4P(k ...
The Helm chart correctly passes the password through K8s secrets and env vars. The issue is in the application's config generation — the env var value is interpolated into YAML without being quoted or escaped.
This is common with auto-generated passwords from managed database services (e.g. Cloud SQL managed users) which use the full printable character set.
Workaround: Use passwords without YAML-hostile characters.
- OpenMetadata version: 1.12.3
- Deployed via Helm on GKE with external Cloud SQL (PostgreSQL 17)
The application writes the database password (from the
DB_USER_PASSWORDenvironment variable) into the Dropwizard runtime YAML configuration without quoting. Passwords containing YAML special characters ([]{}#etc) cause a parse failure at startup:The Helm chart correctly passes the password through K8s secrets and env vars. The issue is in the application's config generation — the env var value is interpolated into YAML without being quoted or escaped.
This is common with auto-generated passwords from managed database services (e.g. Cloud SQL managed users) which use the full printable character set.
Workaround: Use passwords without YAML-hostile characters.