chore(metadata) Addressing vulnerabilities (#10296)

rtekal · web-flow · commit 996e5b013014 · 2024-04-19T12:53:50.000-07:00
diff --git a/metadata-ingestion/docs/sources/presto/presto_recipe.yml b/metadata-ingestion/docs/sources/presto/presto_recipe.yml
@@ -7,7 +7,7 @@ source:
 
     # Credentials
     username: foo
-    password: datahub
+    password: password
 
 sink:
   # sink configs
diff --git a/metadata-ingestion/docs/sources/trino/trino_recipe.yml b/metadata-ingestion/docs/sources/trino/trino_recipe.yml
@@ -7,7 +7,7 @@ source:
 
     # Credentials
     username: foo
-    password: datahub
+    password: password
 
     # If you need to connect to Trino over http and not https, uncomment this section.
     # options:
diff --git a/metadata-ingestion/src/datahub/ingestion/source/powerbi_report_server/report_server.py b/metadata-ingestion/src/datahub/ingestion/source/powerbi_report_server/report_server.py
@@ -157,7 +157,7 @@ def requests_get(self, url_http: str, url_https: str, content_type: str) -> Any:
             response = requests.get(
                 url=url_https,
                 auth=self.get_auth_credentials,
-                verify=False,
+                verify=True,
             )
         except ConnectionError:
             LOGGER.info("Request to Report URL={}".format(url_http))
diff --git a/metadata-ingestion/src/datahub/ingestion/source/pulsar.py b/metadata-ingestion/src/datahub/ingestion/source/pulsar.py
@@ -116,7 +116,7 @@ def __init__(self, config: PulsarSourceConfig, ctx: PipelineContext):
                 f"{self.config.issuer_url}/.well-known/openid-configuration"
             )
             oid_config_response = requests.get(
-                oid_config_url, verify=False, allow_redirects=False
+                oid_config_url, verify=self.session.verify, allow_redirects=False
             )
 
             if oid_config_response:
@@ -163,7 +163,7 @@ def get_access_token(self) -> str:
                 token_response = requests.post(
                     url=token_endpoint,
                     data=data,
-                    verify=False,
+                    verify=self.session.verify,
                     allow_redirects=False,
                     auth=(
                         self.config.client_id,

Original file line number	Diff line number	Diff line change
`@@ -157,7 +157,7 @@ def requests_get(self, url_http: str, url_https: str, content_type: str) -> Any:`
`157`	`157`	`response = requests.get(`
`158`	`158`	`url=url_https,`
`159`	`159`	`auth=self.get_auth_credentials,`
`160`		`- verify=False,`
	`160`	`+ verify=True,`
`161`	`161`	`)`
`162`	`162`	`except ConnectionError:`
`163`	`163`	`LOGGER.info("Request to Report URL={}".format(url_http))`