postgresstore: remove postgres URL from help output #511
Conversation
It could leak the username/password.
Codecov Report
@@ Coverage Diff @@
## master #511 +/- ##
==========================================
- Coverage 71.49% 71.44% -0.05%
==========================================
Files 100 100
Lines 5563 5564 +1
==========================================
- Hits 3977 3975 -2
- Misses 1221 1223 +2
- Partials 365 366 +1
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewable status: 0 of 1 files reviewed, 1 unresolved discussion (waiting on @conord33 and @t-bast)
postgresstore/cmd.go, line 138 at r1 (raw file):
// a postgres adapter using flag values. func InitializeWithFlags(version, commit string) *Store { dbURL := util.OrStrings(os.Getenv("POSTGRESSTORE_URL"), DefaultURL)
cant you just use os.Getenv("POSTGRESSTORE_URL")
if it is defined otherwise use url
. seems weird to have a flag you can't use.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewable status: 0 of 1 files reviewed, 1 unresolved discussion (waiting on @conord33 and @t-bast)
postgresstore/cmd.go, line 138 at r1 (raw file):
Previously, conord33 (Conor Dawson) wrote…
cant you just use
os.Getenv("POSTGRESSTORE_URL")
if it is defined otherwise useurl
. seems weird to have a flag you can't use.
If you prefer :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewable status: 0 of 1 files reviewed, 1 unresolved discussion (waiting on @t-bast)
postgresstore/cmd.go, line 138 at r1 (raw file):
Previously, t-bast (Bastien Teinturier) wrote…
If you prefer :)
👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed 1 of 1 files at r2.
Reviewable status: all files reviewed, 1 unresolved discussion (waiting on @t-bast)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
im still confused why the help message even got logged in the first place...
Reviewable status: all files reviewed, 1 unresolved discussion (waiting on @t-bast)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agreed, unless the pentesters found more than they told us and were able to get inside our AWS cluster :)
Reviewable status: all files reviewed, 1 unresolved discussion (waiting on @t-bast)
It could leak the username/password.
This change is