recorder: encypt the tarball #1002
Closed
+8
−2
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This comment was marked as outdated.
This comment was marked as outdated.
ansibullbot
added
integration
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
Reduce the risk of a potential secret leakage with encryption. Also reduce the verbosity of Ansible.
goneri
force-pushed
the
recorder-encypt-the-tarball_988
branch
from
eb67662 to
f54594f
Compare
This comment was marked as outdated.
This comment was marked as outdated.
tremble
requested changes
Sep 9, 2022
There was a problem hiding this comment.
I'm -1 to this. It makes it impossible to run the tests outside of CI. I'm good with finding a way to anonymise things, but encrypting the test tarball feels very wrong.
As an alternative it's probably better to leave the recording as text files rather than a tarball, since follks may at least be able to see that they just tried to push sensitive data.
alinabuzachis
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Sep 9, 2022
…/removing iam roles (ansible-collections#1002) rds_instance - fix check_mode and idempotence bugs and support adding/removing iam roles SUMMARY Support the addition and deletion of iam roles to db instances Fixes ansible-collections#464 Fixes ansible-collections#1013 Integration tests to test both this and the amazon.aws module_util rds changes Depends-On ansible-collections#714 ISSUE TYPE Feature Pull Request COMPONENT NAME rds_instance ADDITIONAL INFORMATION Wasn't sure the best way to go about deleting IAM roles - ended up using a purge_iam_roles param that defaults to False, which seems consistent with other modules I've looked at. Reviewed-by: Mark Woolley <[email protected]> Reviewed-by: Joseph Torcasso <None> Reviewed-by: Gonéri Le Bouder <[email protected]> Reviewed-by: Alina Buzachis <None> Reviewed-by: Markus Bergholz <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@c403552
alinabuzachis
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Sep 9, 2022
…/removing iam roles (ansible-collections#1002) rds_instance - fix check_mode and idempotence bugs and support adding/removing iam roles SUMMARY Support the addition and deletion of iam roles to db instances Fixes ansible-collections#464 Fixes ansible-collections#1013 Integration tests to test both this and the amazon.aws module_util rds changes Depends-On ansible-collections#714 ISSUE TYPE Feature Pull Request COMPONENT NAME rds_instance ADDITIONAL INFORMATION Wasn't sure the best way to go about deleting IAM roles - ended up using a purge_iam_roles param that defaults to False, which seems consistent with other modules I've looked at. Reviewed-by: Mark Woolley <[email protected]> Reviewed-by: Joseph Torcasso <None> Reviewed-by: Gonéri Le Bouder <[email protected]> Reviewed-by: Alina Buzachis <None> Reviewed-by: Markus Bergholz <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@c403552
alinabuzachis
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Sep 9, 2022
…/removing iam roles (ansible-collections#1002) rds_instance - fix check_mode and idempotence bugs and support adding/removing iam roles SUMMARY Support the addition and deletion of iam roles to db instances Fixes ansible-collections#464 Fixes ansible-collections#1013 Integration tests to test both this and the amazon.aws module_util rds changes Depends-On ansible-collections#714 ISSUE TYPE Feature Pull Request COMPONENT NAME rds_instance ADDITIONAL INFORMATION Wasn't sure the best way to go about deleting IAM roles - ended up using a purge_iam_roles param that defaults to False, which seems consistent with other modules I've looked at. Reviewed-by: Mark Woolley <[email protected]> Reviewed-by: Joseph Torcasso <None> Reviewed-by: Gonéri Le Bouder <[email protected]> Reviewed-by: Alina Buzachis <None> Reviewed-by: Markus Bergholz <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@c403552
alinabuzachis
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Sep 9, 2022
…/removing iam roles (ansible-collections#1002) rds_instance - fix check_mode and idempotence bugs and support adding/removing iam roles SUMMARY Support the addition and deletion of iam roles to db instances Fixes ansible-collections#464 Fixes ansible-collections#1013 Integration tests to test both this and the amazon.aws module_util rds changes Depends-On ansible-collections#714 ISSUE TYPE Feature Pull Request COMPONENT NAME rds_instance ADDITIONAL INFORMATION Wasn't sure the best way to go about deleting IAM roles - ended up using a purge_iam_roles param that defaults to False, which seems consistent with other modules I've looked at. Reviewed-by: Mark Woolley <[email protected]> Reviewed-by: Joseph Torcasso <None> Reviewed-by: Gonéri Le Bouder <[email protected]> Reviewed-by: Alina Buzachis <None> Reviewed-by: Markus Bergholz <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@c403552
|
@gravesm how do you feel about this? |
|
The main advantage I see with a tar.gz are that the modern IDE won't try to index the tarballs. Also the content is supposed to be immutable and a tarball help to avoid any surprise. This is also a way to avoid long diff in Github interface, but I believe they've got a mechanism to turn off diff on some specific files. |
|
@tremble makes a good point. It makes me nervous to just blindly record an AWS session and push it to GH, though. Can we make |
|
We should step back and do the research task that was identified for this work when it gets prioritized into the backlog so that we can plan for these cases. |
|
alinabuzachis
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Sep 16, 2022
…/removing iam roles (ansible-collections#1002) rds_instance - fix check_mode and idempotence bugs and support adding/removing iam roles SUMMARY Support the addition and deletion of iam roles to db instances Fixes ansible-collections#464 Fixes ansible-collections#1013 Integration tests to test both this and the amazon.aws module_util rds changes Depends-On ansible-collections#714 ISSUE TYPE Feature Pull Request COMPONENT NAME rds_instance ADDITIONAL INFORMATION Wasn't sure the best way to go about deleting IAM roles - ended up using a purge_iam_roles param that defaults to False, which seems consistent with other modules I've looked at. Reviewed-by: Mark Woolley <[email protected]> Reviewed-by: Joseph Torcasso <None> Reviewed-by: Gonéri Le Bouder <[email protected]> Reviewed-by: Alina Buzachis <None> Reviewed-by: Markus Bergholz <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@c403552
goneri
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Sep 21, 2022
…/removing iam roles (ansible-collections#1002) rds_instance - fix check_mode and idempotence bugs and support adding/removing iam roles SUMMARY Support the addition and deletion of iam roles to db instances Fixes ansible-collections#464 Fixes ansible-collections#1013 Integration tests to test both this and the amazon.aws module_util rds changes Depends-On ansible-collections#714 ISSUE TYPE Feature Pull Request COMPONENT NAME rds_instance ADDITIONAL INFORMATION Wasn't sure the best way to go about deleting IAM roles - ended up using a purge_iam_roles param that defaults to False, which seems consistent with other modules I've looked at. Reviewed-by: Mark Woolley <[email protected]> Reviewed-by: Joseph Torcasso <None> Reviewed-by: Gonéri Le Bouder <[email protected]> Reviewed-by: Alina Buzachis <None> Reviewed-by: Markus Bergholz <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@c403552
goneri
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Sep 21, 2022
…/removing iam roles (ansible-collections#1002) rds_instance - fix check_mode and idempotence bugs and support adding/removing iam roles SUMMARY Support the addition and deletion of iam roles to db instances Fixes ansible-collections#464 Fixes ansible-collections#1013 Integration tests to test both this and the amazon.aws module_util rds changes Depends-On ansible-collections#714 ISSUE TYPE Feature Pull Request COMPONENT NAME rds_instance ADDITIONAL INFORMATION Wasn't sure the best way to go about deleting IAM roles - ended up using a purge_iam_roles param that defaults to False, which seems consistent with other modules I've looked at. Reviewed-by: Mark Woolley <[email protected]> Reviewed-by: Joseph Torcasso <None> Reviewed-by: Gonéri Le Bouder <[email protected]> Reviewed-by: Alina Buzachis <None> Reviewed-by: Markus Bergholz <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@c403552
goneri
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Sep 21, 2022
…/removing iam roles (ansible-collections#1002) rds_instance - fix check_mode and idempotence bugs and support adding/removing iam roles SUMMARY Support the addition and deletion of iam roles to db instances Fixes ansible-collections#464 Fixes ansible-collections#1013 Integration tests to test both this and the amazon.aws module_util rds changes Depends-On ansible-collections#714 ISSUE TYPE Feature Pull Request COMPONENT NAME rds_instance ADDITIONAL INFORMATION Wasn't sure the best way to go about deleting IAM roles - ended up using a purge_iam_roles param that defaults to False, which seems consistent with other modules I've looked at. Reviewed-by: Mark Woolley <[email protected]> Reviewed-by: Joseph Torcasso <None> Reviewed-by: Gonéri Le Bouder <[email protected]> Reviewed-by: Alina Buzachis <None> Reviewed-by: Markus Bergholz <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@c403552
goneri
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Sep 21, 2022
…/removing iam roles (ansible-collections#1002) rds_instance - fix check_mode and idempotence bugs and support adding/removing iam roles SUMMARY Support the addition and deletion of iam roles to db instances Fixes ansible-collections#464 Fixes ansible-collections#1013 Integration tests to test both this and the amazon.aws module_util rds changes Depends-On ansible-collections#714 ISSUE TYPE Feature Pull Request COMPONENT NAME rds_instance ADDITIONAL INFORMATION Wasn't sure the best way to go about deleting IAM roles - ended up using a purge_iam_roles param that defaults to False, which seems consistent with other modules I've looked at. Reviewed-by: Mark Woolley <[email protected]> Reviewed-by: Joseph Torcasso <None> Reviewed-by: Gonéri Le Bouder <[email protected]> Reviewed-by: Alina Buzachis <None> Reviewed-by: Markus Bergholz <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@c403552
goneri
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Sep 21, 2022
…/removing iam roles (ansible-collections#1002) rds_instance - fix check_mode and idempotence bugs and support adding/removing iam roles SUMMARY Support the addition and deletion of iam roles to db instances Fixes ansible-collections#464 Fixes ansible-collections#1013 Integration tests to test both this and the amazon.aws module_util rds changes Depends-On ansible-collections#714 ISSUE TYPE Feature Pull Request COMPONENT NAME rds_instance ADDITIONAL INFORMATION Wasn't sure the best way to go about deleting IAM roles - ended up using a purge_iam_roles param that defaults to False, which seems consistent with other modules I've looked at. Reviewed-by: Mark Woolley <[email protected]> Reviewed-by: Joseph Torcasso <None> Reviewed-by: Gonéri Le Bouder <[email protected]> Reviewed-by: Alina Buzachis <None> Reviewed-by: Markus Bergholz <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@c403552
goneri
pushed a commit
to alinabuzachis/amazon.aws
that referenced
this pull request
Sep 21, 2022
…/removing iam roles (ansible-collections#1002) rds_instance - fix check_mode and idempotence bugs and support adding/removing iam roles SUMMARY Support the addition and deletion of iam roles to db instances Fixes ansible-collections#464 Fixes ansible-collections#1013 Integration tests to test both this and the amazon.aws module_util rds changes Depends-On ansible-collections#714 ISSUE TYPE Feature Pull Request COMPONENT NAME rds_instance ADDITIONAL INFORMATION Wasn't sure the best way to go about deleting IAM roles - ended up using a purge_iam_roles param that defaults to False, which seems consistent with other modules I've looked at. Reviewed-by: Mark Woolley <[email protected]> Reviewed-by: Joseph Torcasso <None> Reviewed-by: Gonéri Le Bouder <[email protected]> Reviewed-by: Alina Buzachis <None> Reviewed-by: Markus Bergholz <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@c403552
abikouo
pushed a commit
to abikouo/amazon.aws
that referenced
this pull request
Sep 18, 2023
…/removing iam roles (ansible-collections#1002) rds_instance - fix check_mode and idempotence bugs and support adding/removing iam roles SUMMARY Support the addition and deletion of iam roles to db instances Fixes ansible-collections#464 Fixes ansible-collections#1013 Integration tests to test both this and the amazon.aws module_util rds changes Depends-On ansible-collections#714 ISSUE TYPE Feature Pull Request COMPONENT NAME rds_instance ADDITIONAL INFORMATION Wasn't sure the best way to go about deleting IAM roles - ended up using a purge_iam_roles param that defaults to False, which seems consistent with other modules I've looked at. Reviewed-by: Mark Woolley <[email protected]> Reviewed-by: Joseph Torcasso <None> Reviewed-by: Gonéri Le Bouder <[email protected]> Reviewed-by: Alina Buzachis <None> Reviewed-by: Markus Bergholz <[email protected]>
abikouo
pushed a commit
to abikouo/amazon.aws
that referenced
this pull request
Sep 18, 2023
…/removing iam roles (ansible-collections#1002) rds_instance - fix check_mode and idempotence bugs and support adding/removing iam roles SUMMARY Support the addition and deletion of iam roles to db instances Fixes ansible-collections#464 Fixes ansible-collections#1013 Integration tests to test both this and the amazon.aws module_util rds changes Depends-On ansible-collections#714 ISSUE TYPE Feature Pull Request COMPONENT NAME rds_instance ADDITIONAL INFORMATION Wasn't sure the best way to go about deleting IAM roles - ended up using a purge_iam_roles param that defaults to False, which seems consistent with other modules I've looked at. Reviewed-by: Mark Woolley <[email protected]> Reviewed-by: Joseph Torcasso <None> Reviewed-by: Gonéri Le Bouder <[email protected]> Reviewed-by: Alina Buzachis <None> Reviewed-by: Markus Bergholz <[email protected]>
abikouo
pushed a commit
to abikouo/amazon.aws
that referenced
this pull request
Oct 24, 2023
…/removing iam roles (ansible-collections#1002) rds_instance - fix check_mode and idempotence bugs and support adding/removing iam roles SUMMARY Support the addition and deletion of iam roles to db instances Fixes ansible-collections#464 Fixes ansible-collections#1013 Integration tests to test both this and the amazon.aws module_util rds changes Depends-On ansible-collections#714 ISSUE TYPE Feature Pull Request COMPONENT NAME rds_instance ADDITIONAL INFORMATION Wasn't sure the best way to go about deleting IAM roles - ended up using a purge_iam_roles param that defaults to False, which seems consistent with other modules I've looked at. Reviewed-by: Mark Woolley <[email protected]> Reviewed-by: Joseph Torcasso <None> Reviewed-by: Gonéri Le Bouder <[email protected]> Reviewed-by: Alina Buzachis <None> Reviewed-by: Markus Bergholz <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Depends-On: ansible/ansible-zuul-jobs#1621
Reduce the risk of a potential secret leakage with encryption.