-
Notifications
You must be signed in to change notification settings - Fork 123
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added obfuscator into databinding #258
Conversation
Pull Request Test Coverage Report for Build 391675528
💛 - Coveralls |
Pull Request Test Coverage Report for Build 400798901
💛 - Coveralls |
"testing" | ||
) | ||
|
||
func TestReplaceObfuscatedJSONYAMLs(t *testing.T) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice, thanks for checking it still works with JSON 👍
} | ||
result := data.InterfaceMap{} | ||
if err := json.Unmarshal([]byte(decrypted), &result); err != nil { | ||
result["password"] = decrypted |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If the text isn't JSON how about just returning the decrypted string instead instead of map with the key password
? The KMS does something similar to this and so it makes the config nicer as if you know it is just one value you don't have to remember to do {something.password}
and can use {something}
.
// ObfuscateGatherer instantiates a Obfuscate variable gatherer from the given configuration. The fetching process | ||
// will return either a map containing access paths to the stored JSON. | ||
// E.g. if the stored Secret is `{"account":{"user":"test1","password":"test2"}}`, the returned Map | ||
// contents will be: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks for the comment!
This PR will allow specifying in the integration configuration files, secrets obfuscated with newrelic cli
e.g. of nginx configuration