[MODULES-9690] Puppetlabs/chocolatey : Sensitive data type not supported for chocolateysource - Puppet Jira Server

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Normal
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: chocolatey , windows
Labels:
- Chocolatey
- windows

Method Found:
Needs Assessment

QA Risk Assessment:
Needs Assessment

Description

Basic Info
Module Version: 3.1.1
Puppet Version: 6.4.2
OS Name/Version: Windows Server 2016

When using the module to configure a source (such as Artifactory), the sensitive data type is not supported for login credentials to said source. This presents a scenario where someone could run puppet in debug mode and view the credentials in clear text.

Unable to mark 'password' as sensitive: password is a parameter and not a property, and cannot be automatically redacted.

Desired Behavior: The sensitive data type is supported for the password parameter when configuring a secure source.

Actual Behavior: The sensitive data type is not supported, thus the password appears as clear text in debug output.

Please take a moment and attach any relevant log output and/or manifests. This will help us immensely when troubleshooting the issue.

Attachments

Issue Links

mentioned in: Page Loading...

Activity

People

Assignee:: William Hurt

Reporter:: Justin Woodman

Votes:: 2 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2019/08/05 11:45 AM

Updated:: 2019/08/15 6:48 AM

Resolved:: 2019/08/15 6:48 AM