You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What steps did you take and what happened:
Ran the github.com/vmware-tanzu/velero/pkg/repository/config tests with either:
~/.aws/credentials file
export AWS_ACCESS_KEY_ID=exposed_creds
The error message contained exposed credentials and additional AWS data that should not be in the error message.
What did you expect to happen:
The AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY from the running environment should never be exposed in the test logs nor errors.
The text was updated successfully, but these errors were encountered:
mpryc
added a commit
to mpryc/velero
that referenced
this issue
Aug 30, 2024
…ng tests
Changed the tests to use mocked function that will not read actual
secrets from env variables nor AWS config file that may be
on the system that is running tests.
As a second guard against exposed secrets comparison for the values
does not shows the actual values for the AWS data. This is to prevent
situation where programming error may still allow the test to read
AWS config/env variables instead of using mocked function.
Signed-off-by: Michal Pryc <[email protected]>
…ng tests
Changed the tests to use mocked function that will not read actual
secrets from env variables nor AWS config file that may be
on the system that is running tests.
As a second guard against exposed secrets comparison for the values
does not shows the actual values for the AWS data. This is to prevent
situation where programming error may still allow the test to read
AWS config/env variables instead of using mocked function.
Signed-off-by: Michal Pryc <[email protected]>
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 14 days. If a Velero team member has requested log or more information, please provide the output of the shared commands.
What steps did you take and what happened:
Ran the
github.com/vmware-tanzu/velero/pkg/repository/config
tests with either:~/.aws/credentials
fileexport AWS_ACCESS_KEY_ID=exposed_creds
The error message contained exposed credentials and additional AWS data that should not be in the error message.
What did you expect to happen:
The
AWS_ACCESS_KEY_ID
,AWS_SECRET_ACCESS_KEY
from the running environment should never be exposed in the test logs nor errors.The text was updated successfully, but these errors were encountered: