Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitf239e51

Browse files
Mark tokens as sensitive in data sources (#416)
* Mark tokens as sensitive in data sourcesMark the following attributes as sensitive to prevent them from beinglogged or displayed in Terraform output:- data.coder_workspace_owner.me.oidc_access_token- data.coder_workspace_owner.me.session_token- data.coder_external_auth.example.access_tokenThis follows the same pattern as ssh_private_key and agent tokenwhich are already marked as sensitive.Fixes#266Co-authored-by: matifali <10648092+matifali@users.noreply.github.com>* Update documentation for sensitive token attributesRegenerate documentation to reflect that oidc_access_token, session_token,and access_token are now marked as sensitive in the schema.Co-authored-by: matifali <10648092+matifali@users.noreply.github.com>---------Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>Co-authored-by: matifali <10648092+matifali@users.noreply.github.com>
1 parent6a6f740 commitf239e51

File tree

4 files changed

+6
-3
lines changed

4 files changed

+6
-3
lines changed

‎docs/data-sources/external_auth.md‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -39,4 +39,4 @@ data "coder_external_auth" "azure-identity" {
3939

4040
###Read-Only
4141

42-
-`access_token` (String) The access token returned by the external auth provider. This can be used to pre-authenticate command-line tools.
42+
-`access_token` (String, Sensitive) The access token returned by the external auth provider. This can be used to pre-authenticate command-line tools.

‎docs/data-sources/workspace_owner.md‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -52,9 +52,9 @@ resource "coder_env" "git_author_email" {
5252
-`id` (String) The UUID of the workspace owner.
5353
-`login_type` (String) The type of login the user has.
5454
-`name` (String) The username of the user.
55-
-`oidc_access_token` (String) A valid OpenID Connect access token of the workspace owner. This is only available if the workspace owner authenticated with OpenID Connect. If a valid token cannot be obtained, this value will be an empty string.
55+
-`oidc_access_token` (String, Sensitive) A valid OpenID Connect access token of the workspace owner. This is only available if the workspace owner authenticated with OpenID Connect. If a valid token cannot be obtained, this value will be an empty string.
5656
-`rbac_roles` (List of Object) The RBAC roles of which the user is assigned. (see[below for nested schema](#nestedatt--rbac_roles))
57-
-`session_token` (String) Session token for authenticating with a Coder deployment. It is regenerated every time a workspace is started.
57+
-`session_token` (String, Sensitive) Session token for authenticating with a Coder deployment. It is regenerated every time a workspace is started.
5858
-`ssh_private_key` (String, Sensitive) The user's generated SSH private key.
5959
-`ssh_public_key` (String) The user's generated SSH public key.
6060

‎provider/externalauth.go‎

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,7 @@ func externalAuthDataSource() *schema.Resource {
3737
Type:schema.TypeString,
3838
Description:"The access token returned by the external auth provider. This can be used to pre-authenticate command-line tools.",
3939
Computed:true,
40+
Sensitive:true,
4041
},
4142
"optional": {
4243
Type:schema.TypeBool,

‎provider/workspace_owner.go‎

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -113,13 +113,15 @@ func workspaceOwnerDataSource() *schema.Resource {
113113
Type:schema.TypeString,
114114
Computed:true,
115115
Description:"Session token for authenticating with a Coder deployment. It is regenerated every time a workspace is started.",
116+
Sensitive:true,
116117
},
117118
"oidc_access_token": {
118119
Type:schema.TypeString,
119120
Computed:true,
120121
Description:"A valid OpenID Connect access token of the workspace owner. "+
121122
"This is only available if the workspace owner authenticated with OpenID Connect. "+
122123
"If a valid token cannot be obtained, this value will be an empty string.",
124+
Sensitive:true,
123125
},
124126
"login_type": {
125127
Type:schema.TypeString,

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp