author | Salim Afiune <afiune@chef.io> | 2016-12-22 18:33:35 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-12-22 18:33:35 -0500 |
commit | a02b1156522ceb2a8b32cacb33ac5d9c02ccde25 (patch) | |
tree | c63b7ea07588fba324dc570505eca5eff4f8d938 | |
parent | 98c205d7ca95089842ee92e0d96bda987b6fe0af (diff) | |
parent | f969e586d3f0e0a1f5d564c36df7c3ddeed66dec (diff) | |
download | chef-a02b1156522ceb2a8b32cacb33ac5d9c02ccde25.tar.gz |
Merge pull request #5668 from chef/afiune/COOL-642/dont-report-sensitive-data
Report a blank resource if sensitive is enabled
-rw-r--r-- | RELEASE_NOTES.md | 11 | ||||
-rw-r--r-- | lib/chef/resource_reporter.rb | 11 | ||||
-rw-r--r-- | spec/unit/resource_reporter_spec.rb | 24 |
3 files changed, 46 insertions, 0 deletions
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index 4d0d50fbcd..6d60f16065 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -6,6 +6,16 @@ _This file holds "in progress" release notes for the current release under devel - You can now enable chef-client to run as a scheduled task directly from the client MSI on Windows hosts. +## Highlighted bug fixes for this release: + +- Fixed exposure of sensitive data of resources marked as sensitive inside Reporting. Before you + were able to see the sensitive data on the Run History tab in the Chef Manage Console. Now we + are sending a new blank resource if the resource is marked as sensitive, this way we will not + compromise any sensitive data. + + _Note: Old data that was already sent to Reporting marked as sensitive will continue to be + displayed. Apologies._ + ## New deprecations introduced in this release: ### Chef Platform Methods @@ -13,3 +23,4 @@ _This file holds "in progress" release notes for the current release under devel - **Deprecation ID**: 13 - **Remediation Docs**: <https://docs.chef.io/chef_platform_methods.html> - **Expected Removal**: Chef 13 (April 2017) + diff --git a/lib/chef/resource_reporter.rb b/lib/chef/resource_reporter.rb index 8422870e2a..368e66245f 100644 --- a/lib/chef/resource_reporter.rb +++ b/lib/chef/resource_reporter.rb @@ -198,6 +198,17 @@ class Chef def resource_completed(new_resource) if @pending_update && !nested_resource?(new_resource) @pending_update.finish + + # Verify if the resource has sensitive data + # and create a new blank resource with only + # the name so we can report it back without + # sensitive data + if @pending_update.new_resource.sensitive + klass = @pending_update.new_resource.class + resource_name = @pending_update.new_resource.name + @pending_update.new_resource = klass.new(resource_name) + end + @updated_resources << @pending_update @pending_update = nil end 
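Review bot: In the lib/chef/resource_reporter.rb hunk only the `new_resource` side of `@pending_update` is blanked, while the state loaded through `resource_current_state_loaded` (presumably serialized as the "before" side of the report) is left as is, so a sensitive resource's current state can still reach Reporting; if that field exists on the update record and is writable, it should be replaced the same way, e.g. `@pending_update.current_resource = klass.new(resource_name) if @pending_update.current_resource` — verify the attribute name against the update class. `klass.new(resource_name)` also assumes every resource class accepts a bare name and that the name itself is not sensitive; for `execute` the name doubles as the default command, which the spec in this PR shows (`"after"` equals `{ :command => "sensitive-resource" }`), so a resource named by its command is still reported verbatim and the comment should say so. Style-wise the three reads of `@pending_update.new_resource` could collapse into a local: `resource = @pending_update.new_resource` followed by `@pending_update.new_resource = resource.class.new(resource.name) if resource.sensitive`. The closing `end` of `resource_completed` is outside the hunk.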
diff --git a/spec/unit/resource_reporter_spec.rb b/spec/unit/resource_reporter_spec.rb index f951c62b94..ccd7087c0b 100644 --- a/spec/unit/resource_reporter_spec.rb +++ b/spec/unit/resource_reporter_spec.rb @@ -265,6 +265,30 @@ describe Chef::ResourceReporter do @resource_reporter.run_started(@run_status) end + context "when the new_resource is sensitive" do + before do + @execute_resource = Chef::Resource::Execute.new("sensitive-resource") + @execute_resource.name("sensitive-resource") + @execute_resource.command('echo "password: SECRET"') + @execute_resource.sensitive(true) + @resource_reporter.resource_action_start(@execute_resource, :run) + @resource_reporter.resource_current_state_loaded(@execute_resource, :run, @current_resource) + @resource_reporter.resource_updated(@execute_resource, :run) + @resource_reporter.resource_completed(@execute_resource) + @run_status.stop_clock + @report = @resource_reporter.prepare_run_data + @first_update_report = @report["resources"].first + end + + it "resource_name in prepared_run_data should be the same" do + expect(@first_update_report["name"]).to eq("sensitive-resource") + end + + it "resource_command in prepared_run_data should be blank" do + expect(@first_update_report["after"]).to eq({ :command => "sensitive-resource" }) + end + end + context "when the new_resource does not have a string for name and identity" do context "the new_resource name and id are nil" do before do |
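Review bot: The second example is titled "resource_command in prepared_run_data should be blank" but asserts that `"after"` equals `{ :command => "sensitive-resource" }`, which is the name echoed back rather than a blank value, so the title and the expectation disagree; neither example proves the secret was removed from the report. A negative assertion over the whole payload would pin the actual fix, e.g. `expect(@report.to_s).not_to include("SECRET")`, and a companion check on the "before" side of `@first_update_report` would cover the current-resource state that the `before` block loads via `resource_current_state_loaded`. `@execute_resource.name("sensitive-resource")` repeats the name already passed to `Chef::Resource::Execute.new` and can be dropped. `@current_resource` appears to come from an enclosing `before` block outside the hunk — confirm it is set for this context.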