diff options
| author | James Falcon <TheRealFalcon@users.noreply.github.com> | 2021-06-10 14:24:51 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-06-10 14:24:51 -0500 |
| commit | 05b0e35026db3789c56ee9f8192d4a81067325e5 (patch) | |
| tree | c8d9d4bd9e8253e4e8388290db0de77e96b87484 /cloudinit/handlers | |
| parent | b11632d1b105ee696abe085051decdee523a87c1 (diff) | |
| download | cloud-init-git-05b0e35026db3789c56ee9f8192d4a81067325e5.tar.gz | |
Use instance-data-sensitive.json in jinja templates (SC-117) (#917)
instance-data.json redacts sensitive data for non-root users. Since user
data is consumed as root, we should be consuming the non-redacted data
instead.
LP: #1931392
Diffstat (limited to 'cloudinit/handlers')
| -rw-r--r-- | cloudinit/handlers/jinja_template.py | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/cloudinit/handlers/jinja_template.py b/cloudinit/handlers/jinja_template.py index aadfbf86..5033abbb 100644 --- a/cloudinit/handlers/jinja_template.py +++ b/cloudinit/handlers/jinja_template.py @@ -12,7 +12,7 @@ except ImportError: from cloudinit import handlers from cloudinit import log as logging -from cloudinit.sources import INSTANCE_JSON_FILE +from cloudinit.sources import INSTANCE_JSON_SENSITIVE_FILE from cloudinit.templater import render_string, MISSING_JINJA_PREFIX from cloudinit.util import b64d, load_file, load_json, json_dumps @@ -36,7 +36,8 @@ class JinjaTemplatePartHandler(handlers.Handler): def handle_part(self, data, ctype, filename, payload, frequency, headers): if ctype in handlers.CONTENT_SIGNALS: return - jinja_json_file = os.path.join(self.paths.run_dir, INSTANCE_JSON_FILE) + jinja_json_file = os.path.join( + self.paths.run_dir, INSTANCE_JSON_SENSITIVE_FILE) rendered_payload = render_jinja_payload_from_file( payload, filename, jinja_json_file) if not rendered_payload: |