Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sonarr V4: Passwords and API keys are obfuscated #34

Open
Callum027 opened this issue Nov 12, 2023 · 4 comments
Open

Sonarr V4: Passwords and API keys are obfuscated #34

Callum027 opened this issue Nov 12, 2023 · 4 comments
Assignees
@Callum027
Labels
bug Something isn't working
Milestone
v0.8.0

Comments

@Callum027
Copy link
Member

Callum027 commented Nov 12, 2023
edited
Loading

#34

Sonarr V4 introduced a change where any passwords or API keys returned via the API (and to the UI) are obfuscated with * characters.

This makes it impossible to idempotently check and update resources with API keys or passwords in them.

I have created an issue upstream, to see if a solution to this issue can be reached.

Upstream issue: Sonarr/Sonarr#6169
@Callum027 Callum027 added the bug Something isn't working label Nov 12, 2023
@Callum027 Callum027 self-assigned this Nov 12, 2023
@Callum027
Copy link
Member Author

Upstream has decided on not providing a way to detect if a password was actually changed or not, but ensuring that notification connections, and other resources, are not re-tested if no parameters have changed.

This is not ideal, but I can rework the password handling to hopefully reduce the impact of this.

@Callum027 Callum027 added this to the v0.8.0 milestone Mar 1, 2024
@jvrobert
Copy link

jvrobert commented Apr 6, 2024

I had a related issue but I figured out it wasn't what I thought it was. Seems prowlarr is doing the same thing, so seems when you refetch to validate you get the '****' and it fails validation. I can open a separate ticket if you'd like but these all seem like same general issue.

2024-04-06 12:28:25,565 buildarr:1 buildarr.cli.run [INFO] <prowlarr> (default) Refetching remote configuration to delete unused resources
Traceback (most recent call last):
  File "/usr/local/bin/buildarr", line 8, in <module>
    sys.exit(main())
             ^^^^^^
  File "/usr/local/lib/python3.11/site-packages/click/core.py", line 1157, in __call__
    return self.main(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/click/core.py", line 1078, in main
    rv = self.invoke(ctx)
         ^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/click/core.py", line 1688, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
                           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/click/core.py", line 1434, in invoke
    return ctx.invoke(self.callback, **ctx.params)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/click/core.py", line 783, in invoke
    return __callback(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr/cli/run.py", line 101, in run
    _run(use_plugins)
  File "/usr/local/lib/python3.11/site-packages/buildarr/cli/run.py", line 273, in _run
    remote_instance_config = manager.from_remote(instance_config, instance_secrets)
                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr/manager/__init__.py", line 171, in from_remote
    return instance_config.from_remote(secrets)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr_prowlarr/config/__init__.py", line 169, in from_remote
    settings=ProwlarrSettings.from_remote(secrets),
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr/config/base.py", line 85, in from_remote
    fields[field_name] = field.type_.from_remote(secrets)
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr/config/base.py", line 85, in from_remote
    fields[field_name] = field.type_.from_remote(secrets)
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr_prowlarr/config/settings/apps/applications.py", line 695, in from_remote
    definitions={
                ^
  File "/usr/local/lib/python3.11/site-packages/buildarr_prowlarr/config/settings/apps/applications.py", line 698, in <dictcomp>
    ]._from_remote(
      ^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/buildarr_prowlarr/config/settings/apps/applications.py", line 178, in _from_remote
    return cls(
           ^^^^
  File "/usr/local/lib/python3.11/site-packages/pydantic/main.py", line 341, in __init__
    raise validation_error
pydantic.error_wrappers.ValidationError: 1 validation error for SonarrApplication
api_key
  ensure this value has at least 32 characters (type=value_error.any_str.min_length; limit_value=32)

@Callum027
Copy link
Member Author

Hi @jvrobert, thanks for reporting the issue, and sorry for the late reply.

I have had another user report the same thing regarding Prowlarr. I will make a new release of the Prowlarr plugin to resolve the issue in the interim, while I come up with a more permanent solution for handling this.

@Callum027 Callum027 mentioned this issue Apr 26, 2024
Open
@Callum027
Copy link
Member Author

Hi @jvrobert, I have released a fix for this issue in the following packages:

Please let me know if this resolves your problem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Callum027 Callum027

Labels
bug Something isn't working
Projects
None yet
Milestone
v0.8.0
Development

No branches or pull requests
2 participants
@jvrobert @Callum027