Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make auth.conf contents Sensitive #953

Merged
merged 2 commits into from
Nov 23, 2020
Merged

Make auth.conf contents Sensitive #953

merged 2 commits into from
Nov 23, 2020

Conversation

suchpuppet
Copy link

This wraps the contents of the /etc/apt/auth.conf File resource as Sensitive so any credentials in that file are not exposed during report submissions or logged.

With this small update, changing anything in the apt::auth_conf_entries parameter just looks like this instead of exposing credentials:

Notice: /Stage[apt]/Apt/File[/etc/apt/auth.conf]/content: [diff redacted]
Info: Computing checksum on file /etc/apt/auth.conf
Info: /Stage[apt]/Apt/File[/etc/apt/auth.conf]: Filebucketed /etc/apt/auth.conf to puppet with sum 3d54e011cdf7ed574c9af84375a27093
Notice: /Stage[apt]/Apt/File[/etc/apt/auth.conf]/content: changed [redacted] to [redacted]
Info: /Stage[apt]/Apt/File[/etc/apt/auth.conf]: Scheduling refresh of Class[Apt::Update]
Info: Class[Apt::Update]: Scheduling refresh of Exec[apt_update]
Notice: /Stage[apt]/Apt::Update/Exec[apt_update]: Triggered 'refresh' from 1 event

@suchpuppet suchpuppet requested a review from a team as a code owner November 17, 2020 22:17
@puppet-community-rangefinder
Copy link

apt is a class

Breaking changes to this file WILL impact these 237 modules (exact match):
Breaking changes to this file MAY impact these 46 modules (near match):

This module is declared in 233 of 575 indexed public Puppetfiles.

These results were generated with Rangefinder, a tool that helps predict the downstream impact of breaking changes to elements used in Puppet modules. You can run this on the command line to get a full report.

Exact matches are those that we can positively identify via namespace and the declaring modules' metadata. Non-namespaced items, such as Puppet 3.x functions, will always be reported as near matches only.

@suchpuppet
Copy link
Author

I'll need to update the spec tests to account for the new data type. I'll close and re-open whenever I have the time to do that.

@suchpuppet suchpuppet closed this Nov 18, 2020
@suchpuppet suchpuppet reopened this Nov 18, 2020
@puppet-community-rangefinder
Copy link

apt is a class

Breaking changes to this file WILL impact these 237 modules (exact match):
Breaking changes to this file MAY impact these 46 modules (near match):

This module is declared in 233 of 575 indexed public Puppetfiles.

These results were generated with Rangefinder, a tool that helps predict the downstream impact of breaking changes to elements used in Puppet modules. You can run this on the command line to get a full report.

Exact matches are those that we can positively identify via namespace and the declaring modules' metadata. Non-namespaced items, such as Puppet 3.x functions, will always be reported as near matches only.

@suchpuppet suchpuppet closed this Nov 18, 2020
@suchpuppet suchpuppet reopened this Nov 18, 2020
@puppet-community-rangefinder
Copy link

apt is a class

Breaking changes to this file WILL impact these 237 modules (exact match):
Breaking changes to this file MAY impact these 46 modules (near match):

This module is declared in 233 of 575 indexed public Puppetfiles.

These results were generated with Rangefinder, a tool that helps predict the downstream impact of breaking changes to elements used in Puppet modules. You can run this on the command line to get a full report.

Exact matches are those that we can positively identify via namespace and the declaring modules' metadata. Non-namespaced items, such as Puppet 3.x functions, will always be reported as near matches only.

@codecov
Copy link

codecov bot commented Nov 18, 2020
edited
Loading

Codecov Report

Merging #953 (2e8b93f) into main (519f6d2) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##             main     #953   +/-   ##
=======================================
  Coverage   72.24%   72.24%           
=======================================
  Files           5        5           
  Lines         263      263           
=======================================
  Hits          190      190           
  Misses         73       73

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 8927af4...2e8b93f. Read the comment docs.

@david22swan david22swan self-assigned this Nov 23, 2020
@david22swan
Copy link
Member

david22swan commented Nov 23, 2020
edited
Loading

@suchpuppet
This looks like a good change to me so I'm gonna go ahead and merge it.
Thank you for putting the work in :)

@david22swan david22swan merged commit f9ea9bd into puppetlabs:main Nov 23, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@david22swan david22swan

Labels
feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@suchpuppet @david22swan