Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update the RedactSecrets Regex to Support Satellite Storage Template Secret Parameter Names #190

Closed
aayushsss1 opened this issue Aug 18, 2023 · 2 comments · Fixed by #191
Closed

Update the RedactSecrets Regex to Support Satellite Storage Template Secret Parameter Names #190

aayushsss1 opened this issue Aug 18, 2023 · 2 comments · Fixed by #191
Assignees
@padamstx
Labels
released

Comments

@aayushsss1
Copy link

Due to current developments in providing Terraform support for satellite storage configurations, the names of secret parameters within storage templates that are used in the creation of these configurations are visible in the Terraform Logs and are required to be redacted. These secret parameters of storage templates vary in name depending on the provider (Eg : RedHat, AWS, Azure etc) and are as follows -

Redhat
ibm-cos-access-key
ibm-cos-secret-key
iam-api-key
kms-root-key
kms-api-key

AWS
aws-access-key
aws-secret-access-key

Azure
tenantId
subscriptionId
aadClientId
aadClientSecret

Google
project_id
private_key_id
private_key
client_email
client_id
auth_uri
token_uri
auth_provider_x509_cert_url
client_x509_cert_url

IBM
primary-gui-api-user
primary-gui-api-password
owning-gui-api-user
owning-gui-api-password
g2_api_key

NetApp
username
password

VMware
vcenter-username
vcenter-password
thumbprint

A possible solution would be to add the following keywords to the existing regex -

key, secret, thumbprint, auth, project_id, client_id, client_email, tenantId, subscriptionId, aadClientId, aadClientSecret, auth_uri, token_uri, auth_provider_x509_cert_url, client_x509_cert_url
@padamstx padamstx self-assigned this Aug 21, 2023
padamstx added a commit that referenced this issue Aug 21, 2023
@padamstx
fix(RedactSecrets): add additional keywords to be redacted
c9ded9d 
Fixes: #190
Signed-off-by: Phil Adams <phil_adams@us.ibm.com>
@padamstx padamstx mentioned this issue Aug 21, 2023
Merged
@padamstx
Copy link
Member

PR: #191

padamstx added a commit that referenced this issue Aug 22, 2023
@padamstx
fix(RedactSecrets): add additional keywords to be redacted (#191)
d176568 
Fixes: #190

Signed-off-by: Phil Adams <phil_adams@us.ibm.com>
ibm-devx-sdk pushed a commit that referenced this issue Aug 22, 2023
@semantic-release-bot
chore(release): 5.14.1 release notes [skip ci]
030f198 
## [5.14.1](v5.14.0...v5.14.1) (2023-08-22)

### Bug Fixes

* **RedactSecrets:** add additional keywords to be redacted ([#191](#191)) ([d176568](d176568)), closes [#190](#190)
@ibm-devx-sdk
Copy link

🎉 This issue has been resolved in version 5.14.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@padamstx padamstx

Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(RedactSecrets): add additional keywords to be redacted IBM/go-sdk-core
3 participants
@padamstx @aayushsss1 @ibm-devx-sdk