Andy, That's exactly what I had in mind, but without a separate textbox
popping up. What I had originally though, there is a checkbox instead of a
button named "Use Variables". If it is checked, whatever the user types,
AJAX comes in to play and suggests ( auto-completion ) variables that the
user
That is a fair point about the list of variables potentially being
long, we would probably want to get some UI/UX recommendations from
the folks that have worked in that are the most.
In practice I wonder if it would really be an issue though...
The variables that would be selectable would only b
Initially when I thought of this, I imagined that we can still leverage
`PropertyDescriptor` and just add new method(s) to handle the sensitive
variables. Some thought has to be put on this.
*"It would provide a list of variables that are readable to the current
user and one can be selected"*
I th
The policy model would need more thought, but the point would be that
a user can select variable references they have been given permission
to.
In order to configure the processor that is referencing the variable,
they already need write permissions to that processor, or some parent
in the hierarc
"It would provide a list of variables that are readable to the current user
and one can be selected, just like allowable values or controller services.”
A person may have rights to configure nifi without knowing the “value” of
the secure db password ( for example ), but that doesn’t mean they
don’
There is definitely room for improvement here.
Keep in mind that often the sensitive information is specific to a
given environment. For example you build a flow in dev with your
db.password. You don't actually want your dev db password to be
propagated to the next environment, but you do want to
Hi Sivaprasanna,
This was a topic that was briefly considered earlier in the lifecycle of the
project, but was sidelined due to other developments. With the NiFi Registry
project, there has been renewed interest in securing sensitive values in the
flow and allowing for easier import/export/pers
Hi
Since flowfile attributes and VariableRegistry is not suitable (not safe,
to be specific), developers have to rely on manually configuring the
sensitive values on the components (Processors & ControllerServices). And
during CI/CD (using flow registry), the sensitive information are dropped
and