Details
- Improvement
- Status: Closed
- Normal
- Resolution: Fixed
- None
- None
- 3
- Client 2016-07-13 (HA, 1.5.3)
- Not Needed
- See PUP-6440. We'll release note the whole feature not the individual tix.
Description
Events generated during resource application accept, among other values, an arbitrary message. The message is logged to indicate when resource properties change, and it includes the previous value and the newly set value. This is problematic if the property is sensitive: even if the event itself knows that the property is sensitive, there's no good way of redacting the previous and desired values in that message.
We need to either change the interface of Puppet::Transaction::Event to be able to redact messages containing sensitive information, or change how those messages are set to ensure that callers provide the redaction themselves. For the former case, we can change events to take a format string, the previous value, the desired value, and the associated property, and have the event itself take care of the redaction. For the latter case, we might have to do something evil like override Puppet::Property#is_to_s and Puppet::Property#should_to_s to provide the redaction themselves; this will have to be done in a way that handles subclasses that already override those methods.
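The two options in the description, sketched in Ruby as an added example; this is not Puppet's code or the fix that was merged. All class, module and method names except `is_to_s` and `should_to_s` are hypothetical, and the property values are constructed.

```ruby
# Added sketch: every class, module and helper name here is hypothetical,
# not Puppet's implementation. Values such as 'hunter2' are constructed.
REDACTED = '[redacted]'
FORMAT = '%{name} changed %{is} to %{should}'

class SketchProperty
  attr_reader :name, :sensitive
  def initialize(name, sensitive: false)
    @name = name
    @sensitive = sensitive
  end
  def is_to_s(value); value.to_s; end
  def should_to_s(value); value.to_s; end
end

# A subclass that already overrides the formatting hooks.
class QuotedProperty < SketchProperty
  def is_to_s(value); "'#{value}'"; end
  def should_to_s(value); "'#{value}'"; end
end

# Option 1: the event receives the format string, both values and the
# property, and renders the message itself so it can redact.
class SketchEvent
  def initialize(format_string, previous, desired, property)
    @format_string, @previous, @desired, @property = format_string, previous, desired, property
  end

  def message
    is, should = REDACTED, REDACTED
    unless @property.sensitive
      is = @property.is_to_s(@previous)
      should = @property.should_to_s(@desired)
    end
    format(@format_string, name: @property.name, is: is, should: should)
  end
end

# Option 2: callers keep building the message; the hooks are overridden per
# instance. extend places the module ahead of the object's class in method
# lookup, so it also wins over a subclass's own overrides.
module RedactedToS
  def is_to_s(_value); REDACTED; end
  def should_to_s(_value); REDACTED; end
end

def caller_built_message(property, previous, desired)
  format(FORMAT, name: property.name, is: property.is_to_s(previous),
                 should: property.should_to_s(desired))
end
```

In option 2, any caller that formats a value without going through the two hooks still leaks it, which is why option 1 keeps the raw values inside the event until render time.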