Can we allow outputs to _not_ be sensitive? Or enable printing of them anyway? #440
Comments
|
We could update mixin outputs to be more like parameters or bundle outputs wherein they have a |
|
I think it would be confusing to add the field and then default it to true, like Vaughn said. My vote would be to add sensitive, and make it work just like parameters (defaulting to false). Let the user decide if it's sensitive or not. |
|
As I'm working on dependencies, I noticed that we aren't translating the bundle outputs That will let me when I'm reading in outputs from other bundles know when to treat them as sensitive and *** them out. Let me know if I'm brain farting on how writeOnly works though. |
Good point. I agree, it seems we should add this. (Though, I've also not worked w/ JSON Schema's |
|
Ryan explained writeOnly to us a while back in the cnab-spec repo, cnabio/cnab-spec#164 (comment). 😀 |
Consider this scenario:
Step 1.) I use the Azure mixin to make a storage account. I want to use the access key as an output.
Step 2.) I use that access key, via the bundle.output.XXXX reference as a parameter for something else.
Step 3.) I want to print a friendly message like "you should keep this around for later reference" and emit the key.
Because Porter treats all the outputs as sensitive, it gets replaced with some stars.
I can work around this by base64 encoding the output before I use it in the exec mixin to echo the friendly message out, but that might not be super intuitive to all users and might be confusing.
This might be OBE when outputs are fully introduced, but a bundle author might want the flexibility to not actually use outputs and just echo something out during exec and they DO want the value, vs incidental print statements from mixins that aren't explicitly asked for.
The text was updated successfully, but these errors were encountered: