Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-6441

Redact events with sensitive data

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: PUP 4.6.0
    • Component/s: None
    • Labels:
    • Template:
    • Story Points:
      2
    • Sprint:
      Client 2016-07-13 (HA, 1.5.3), Client 2016-07-27
    • Release Notes:
      Not Needed
    • Release Notes Summary:
      Hide
      See PUP-6440. We'll release note the whole feature not the individual tix.
      Show
      See PUP-6440 . We'll release note the whole feature not the individual tix.

      Description

      When Puppet synchronizes a property it stores the historical, previous, and desired values in an instance of Puppet::Transaction::Event. The event is both sent to the Puppet master in the transaction report and is logged as part of the normal Puppet logging. When an event is created that contains sensitive data, these fields need to be redacted in some manner to prevent the plaintext values from being emitted in the aforementioned logging and reports.

      Event objects also contain a message field that may contain sensitive information, but as far as the event is concerned this is an opaque string and thus cannot be redacted by the event itself.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              qa qa
              Reporter:
              adrien Adrien Thebo
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support