Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-6435

Replace sensitive data marker type with resource metadata after catalog compilation

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: PUP 4.6.0
    • Component/s: None
    • Labels:
    • Template:
    • Story Points:
      3
    • Sprint:
      Client 2016-07-27, Client 2016-08-10
    • Release Notes:
      Not Needed

      Description

      We need the ability to mark resource properties as sensitive during catalog compilation, but we don't have a good way of passing the planned data type all the way through Puppet. There are two issues - we can't serialize catalogs with rich data types to JSON and the Puppet RAL doesn't know how to unpack sensitive data types.

      The current PSON catalog serialization format is restricted to basic JSON types. There's no readily available way to attach metadata to values in a JSON document or extend information on some object directly; the structure of the document itself must be changed to incorporate metadata. This means that in order to serialize this sensitive context for properties we need to include this on resources that have sensitive properties.

      As an interim solution to this, we can add a per-resource field to contain this information; either an implementation specific sensitive key or a general metadata key that can include such information as sensitive. This information would be serialized for each resource when the catalog is serialized, would be transported within Puppet::Resource objects, and that information would be carried along when a Puppet::Resource object was converted to a Puppet::Type object.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              adrien Adrien Thebo
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support