Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

superset Flask CLI fails to launch in Debug mode: Refusing to start due to insecure SECRET_KEY #23288

Closed
2 of 3 tasks
cwegener opened this issue Mar 7, 2023 · 7 comments
Closed
2 of 3 tasks

superset Flask CLI fails to launch in Debug mode: Refusing to start due to insecure SECRET_KEY #23288

cwegener opened this issue Mar 7, 2023 · 7 comments
Assignees
@dpgaspar
Labels
#bug Bug report

Comments

@cwegener
Copy link
Contributor

cwegener commented Mar 7, 2023

After #23186 , the superset Flask cli no longer starts unless a non-default SECRET_KEY is configured.

How to reproduce the bug

  1. Checkout PR fix: refuse to start with default secret on non debug envs #23186
  2. Enable Flask Debug: export FLASK_DEBUG=True
  3. Run superset --help
  4. See error: Refusing to start due to insecure SECRET_KEY

Expected results

superset CLI prints out the help page

Actual results

error: Refusing to start due to insecure SECRET_KEY

Environment

(please complete the following information):

Checklist

Make sure to follow these steps before submitting your issue - thank you!

  • I have checked the superset logs for python stacktraces and included it here as text if there are any.
  • I have reproduced the issue with at least the latest released version of superset.
  • I have checked the issue tracker for the same issue and I haven't found one similar.
@cwegener cwegener added the #bug Bug report label Mar 7, 2023
@cwegener
Copy link
Contributor Author

cwegener commented Mar 7, 2023

UPDATE As a workaround when only using built-in Flask commands, substituting superset for flask will fix the problem.

@ngogia20
Copy link

ngogia20 commented Mar 8, 2023

Refusing to start due to insecure SECRET_KEY

Same issue when I run docker-compose -f docker-compose-non-dev.yml up

@cwegener
Copy link
Contributor Author

cwegener commented Mar 9, 2023

Another more reliable workaround is to add TESTING = 1 into your custom superset config file, which is probably more suitable for docker container folks.

@rusackas
Copy link
Member

Can you not just set the secret key to something more custom, as it's warning you to do?

@dpgaspar
Copy link
Member

Assuming you have set your own SECRET_KEY for your environment, if the cli still fails this probably mean the cli is not picking up your config override with your SECRET_KEY

example:

export SUPERSET_CONFIG=superset_config; superset

@cwegener
Copy link
Contributor Author

Assuming you have set your own SECRET_KEY for your environment, if the cli still fails this probably mean the cli is not picking up your config override with your SECRET_KEY

example:

export SUPERSET_CONFIG=superset_config; superset

Nope. I am not setting my own SECRET_KEY. Sorry if that wasn't clear from the original description.

The problem is that PR #23186 does not seem to work as advertised when running in Flask Debug mode.

@cwegener cwegener mentioned this issue Mar 23, 2023
Merged
9 tasks
@rusackas
Copy link
Member

Seems like this is all good now and should've been closed. Let me know if I'm mistaken, and we can re-open with updated context.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dpgaspar dpgaspar

Labels
#bug Bug report
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@rusackas @cwegener @dpgaspar @ngogia20