Hi Zeppelin Devs
I am desperately looking for an option not to store the data source
passwords in my spark/livy notebooks, but I didn't find it.
But I found https://issues.apache.org/jira/browse/ZEPPELIN-1070 where
others are also waiting for this feature.
Unfortunately credentials in Spark/Livy Notebooks can be required on any
arbitrary position in the notebook, unless we hard-code something like
specific datasources which should then be used.
My suggestion: add something like form variables to be replaced with the
stored credentials.
I implemented this feature with the following syntax:
$[user.<credentialkey>] will be replaced with the username of the
credential with the key <credentialkey>
$[user.<credentialkey>] will be replaced with the password of the
credential with the key <credentialkey>
To not accidentially expose the password from the credential I would
scan the return messages and replace all occurrences of the password.
This hack is not aiming to be a security feature (assuming that the
person running the notebook knows his password anyway), but helpful to
not expose the password due to REPL-Response.
You can find my implementation here:
https://github.com/pellmont/zeppelin/tree/ZEPPELIN-1070
Let me know what you think, if this could be a way to go I would start a
pull request.
Pascal
