Skip to content
This repository has been archived by the owner on Oct 21, 2024. It is now read-only.

gitops_checkout resource exposes github api key #3

Open
asheynkmantyler opened this issue Sep 24, 2021 · 0 comments
Open

gitops_checkout resource exposes github api key #3

asheynkmantyler opened this issue Sep 24, 2021 · 0 comments

Comments

@asheynkmantyler
Copy link

gitops_checkout resource exposes Github API Key in state file in repo parameter. If you do terraform state show on gitops_checkout resource, you will get something like this:

# module.harness.gitops_checkout.checkout_repo:
resource "gitops_checkout" "checkout_repo" {
    branch         = "master"
    head           = "91b80636b2b1cb425b9e8718270458f53c7fe267"
    id             = ".tmp.tcp-harness-config"
    path           = ".tmp.tcp-harness-config"
    repo           = "https://tcp-infrastructure:<github api key>@github.com/tyler-technologies/tcp-harness-config.git"
    retry_count    = 10
    retry_interval = 5
}

At the very least this parameter needs to be made sensitive. Or, ideally, strip username and api key information from state period. There is no need for it.

thanks,

Albert Sheynkman
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@asheynkmantyler