Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chef_automate resource exposes secrets in delivery.rb #221

Closed
JOSEPHBODNAR opened this issue Mar 21, 2018 · 0 comments · Fixed by #231
Closed

chef_automate resource exposes secrets in delivery.rb #221

JOSEPHBODNAR opened this issue Mar 21, 2018 · 0 comments · Fixed by #231

Comments

@JOSEPHBODNAR
Copy link

Cookbook version

2.3.0

Chef-client version

12

Platform Details

suse 12

Scenario:

The chef_automate resource displays secrets (e.g. data collector token) by exposing the /etc/delivery/delivery.rb file even though the sensitive property is set to true for the resource.

Steps to Reproduce:

Consume the chef_automate resource and set the sensitive property to true. Upon creation or a config change the changes to /etc/delivery/delivery.rb will be displayed.

The sensitive property should be passed (if set) to the 'automate' ingredient_config resource that is called inside the chef_automate resource. The ingredient_config resource is already coded to respect the sensitive resource.

Expected Result:

Do not display the /etc/delivery/delivery.rb file changes if the sensitive property is set to true for the chef_automate resource.

Actual Result:

The changes to /etc/delivery/delivery.rb are always displayed when changes are made to the chef_automate resource config.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
1 participant
@JOSEPHBODNAR