Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-6434

Define data type for marking certain information as sensitive

    XMLWordPrintable

Details

    • New Feature
    • Status: Closed
    • Normal
    • Resolution: Fixed
    • None
    • PUP 4.6.0
    • None
    • New Feature
    • Hide
      A new type {{Sensitive\[T]}} has been added to the type system. New sensitive instances can be created with Sensitive.new(value). Such an instance signals to the running system that the information contained in the Sensitive object should not be leaked in clear text.
      Show
      A new type {{Sensitive\[T]}} has been added to the type system. New sensitive instances can be created with Sensitive.new(value). Such an instance signals to the running system that the information contained in the Sensitive object should not be leaked in clear text.

    Description

      In order to convey to the Puppet agent that certain resource properties may be sensitive, the Puppet DSL needs the concept of sensitive information. This is best represented as a wrapper data type that will initially mark the wrapped information as sensitive, and will ultimately guard the information from leaking out of the current context in plaintext.

      This type needs to behave correctly when compiled and used in the same Ruby process via puppet apply. It also needs to be serializable in a manner that stores the wrapped value in the catalog in a backwards compatible manner while retaining the sensitive context in a manner that the agent can use.

      Attachments

        Issue Links

          blocks

          Improvement - An improvement or enhancement to an existing feature or task. PUP-6435 Replace sensitive data marker type with resource metadata after catalog compilation

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed
          is duplicated by

          New Feature - A new feature of the product, which has yet to be developed. PUP-5833 Add Sensitive Type to the typesystem

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed
          relates to

          New Feature - A new feature of the product, which has yet to be developed. PUP-5831 Add a Binary type and runtime object

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed

          Task - A task that needs to be done. PUP-6532 Document Sensitive data type (language specification)

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Resolved

          Activity

            People

              qa qa
              adrien Adrien Thebo
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support