Redact all secrets from config viewing APIs (#17380)

This change adds a `Secret` property to `HelpKV` to identify secrets
like passwords and auth tokens that should not be revealed by the server
in its configuration fetching APIs. Configuration reporting APIs now do
not return secrets.
Aditya Manthramurthy
2023-06-23 07:45:27 -07:00
committed by GitHub
parent d315d012a4
commit f3248a4b37
15 changed files with 119 additions and 44 deletions

@@ -25,10 +25,14 @@ type HelpKV struct {
Description string `json:"description"`
Optional bool `json:"optional"`
// Indicates if the value contains sensitive info
// that shouldn't be exposed in certain apis
// Indicates if the value contains sensitive info that shouldn't be exposed
// in certain apis (such as Health Diagnostics/Callhome)
Sensitive bool `json:"-"`
// Indicates if the value is a secret such as a password that shouldn't be
// exposed by the server
Secret bool `json:"-"`
// Indicates if sub-sys supports multiple targets.
MultipleTargets bool `json:"multipleTargets"`
}
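Review bot: The comment on the new `Secret` field does not say how it relates to `Sensitive` directly above it, so a reader cannot tell whether a key marked `Secret: true` but not `Sensitive: true` is still sent in Health Diagnostics/Callhome output. Please state in the comment whether `Secret` implies `Sensitive` (and have the diagnostics redaction check both flags if so), or document that credentials must set both. Also, since `Secret` is a bool whose zero value is false, any `HelpKV` entry that is not explicitly updated stays readable through the config viewing APIs. A unit test that walks the help tables and fails on credential-looking keys (password, token, secret) lacking `Secret: true` would keep this from regressing when new sub-systems are added.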