Adding security warnings to Flask RPCServer (#564)

* Adding security warnings to Flask RPCServer

* lint

* changing documentation url

* f-string

* codacy analysis

Author: kvnkho

fugue/rpc/flask.py

@@ -60,6 +60,7 @@ def __init__(self, conf: Any):
             -1.0 if timeout is None else to_timedelta(timeout).total_seconds()
         )
         self._server: Optional[FlaskRPCServer._Thread] = None
+        self._log = logging.getLogger()
 
     def make_client(self, handler: Any) -> RPCClient:
         """Add ``handler`` and correspondent :class:`~.FlaskRPCClient`
@@ -77,6 +78,14 @@ def make_client(self, handler: Any) -> RPCClient:
 
     def start_server(self) -> None:
         """Start Flask RPC server"""
+        msg = (
+            "Starting RPC server on %s:%s. "
+            "This server has no authentication and relies on network isolation. "
+            "Ensure proper VPC/firewall configuration in production. "
+            "See https://fugue-tutorials.readthedocs.io/tutorials/resources/"
+            "security.html"
+        )
+        self._log.warning(msg, self._host, self._port)
         app = Flask("FlaskRPCServer")
         app.route("/invoke", methods=["POST"])(self._invoke)
         self._server = FlaskRPCServer._Thread(app, self._host, self._port)