apiToken is not marked secret in the schema #1013

t0yv0 · 2024-12-19T20:39:46Z

Describe what happened

There are several configuration variables that are potentially sensitive, apiToken I think is one of them. apiKey maybe, apiUserServiceKey.

Not having these marked secret in the schema risks leaking secrets.

Sample program

N/A

Log output

N/A

Affected Resource(s)

N/A

Output of `pulumi about`

N/A

Additional context

N/A

Contributing

Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

The text was updated successfully, but these errors were encountered:

pulumi-bot · 2025-01-02T20:47:13Z

This issue has been addressed in PR #1014 and shipped in release v5.46.0.

t0yv0 added kind/bug Some behavior is incorrect or out of spec needs-triage Needs attention from the triage team labels Dec 19, 2024

guineveresaenger self-assigned this Dec 20, 2024

guineveresaenger mentioned this issue Dec 20, 2024

Mark sensitive config fields Secret in schema #1014

Merged

guineveresaenger closed this as completed in #1014 Dec 20, 2024

guineveresaenger closed this as completed in 67f68b1 Dec 20, 2024

pulumi-bot added the resolution/fixed This issue was fixed label Dec 20, 2024

guineveresaenger removed the needs-triage Needs attention from the triage team label Jan 2, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

apiToken is not marked secret in the schema #1013

apiToken is not marked secret in the schema #1013

t0yv0 commented Dec 19, 2024

pulumi-bot commented Jan 2, 2025

apiToken is not marked secret in the schema #1013

apiToken is not marked secret in the schema #1013

Comments

t0yv0 commented Dec 19, 2024

Describe what happened

Sample program

Log output

Affected Resource(s)

Output of pulumi about

Additional context

Contributing

pulumi-bot commented Jan 2, 2025

Output of `pulumi about`