Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't print contents of secret values with '\n' characters. #28

Merged
merged 4 commits into from
Dec 20, 2023
Merged

Don't print contents of secret values with '\n' characters. #28

merged 4 commits into from
Dec 20, 2023

Conversation

michaelbiriley
Copy link
Contributor

We found that one of our secrets was showing immediately in the logs. :(

The secret is a private key. It is a JSON value that contains \n in the string.

This tweak means that the command that sed processes is limited to the first line of the 'raw' string.

Problematic output:
Screenshot 2023-12-19 at 11 17 43

@michaelbiriley
Copy link
Contributor Author

@72636c Are you still looking after this repo? Does the above make sense?

72636c
72636c reviewed Dec 18, 2023
View reviewed changes
hooks/environment
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the catch @michaelbiriley!

Would you be up to add a test case to ensure this doesn't regress in future? I'm thinking we could use assert_output without --partial.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good idea. Please see below.. it was a bit fiddly to deal with the bash color code characters.. but I got there in the end.

Let me know if there are any blockers to merging. 🙏

@michaelbiriley
Add test to be certain that a single line in shown, instead of the ov…
04228b2 
…erflow multiline value

also expand test # detection to be able to define double digit tests.
@michaelbiriley
Clean-up some extra whitepsace
931f078
72636c
72636c approved these changes Dec 20, 2023
View reviewed changes
Copy link
Member

@72636c 72636c left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your contribution and patience @michaelbiriley 🙇

@72636c 72636c merged commit 7378736 into seek-oss:master Dec 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@72636c 72636c 72636c approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@michaelbiriley @72636c