Skip to content
This repository was archived by the owner on Sep 30, 2024. It is now read-only.

Commit d4058e9

Browse files
unknwonunknwon
authored
conf: redact dotcom.sams.clientSecret site config (#61123)
1 parent 6845ff2 commit d4058e9

File tree

2 files changed

+8
-1
lines changed

2 files changed

+8
-1
lines changed

internal/conf/validate.go

+1
Original file line numberDiff line numberDiff line change
@@ -218,6 +218,7 @@ var siteConfigSecrets = []struct {
218218
{readPath: `auth\.unlockAccountLinkSigningKey`, editPaths: []string{"auth.unlockAccountLinkSigningKey"}},
219219
{readPath: `dotcom.srcCliVersionCache.github.token`, editPaths: []string{"dotcom", "srcCliVersionCache", "github", "token"}},
220220
{readPath: `dotcom.srcCliVersionCache.github.webhookSecret`, editPaths: []string{"dotcom", "srcCliVersionCache", "github", "webhookSecret"}},
221+
{readPath: `dotcom.sams\.clientSecret`, editPaths: []string{"dotcom", "sams.clientSecret"}},
221222
{readPath: `embeddings.accessToken`, editPaths: []string{"embeddings", "accessToken"}},
222223
{readPath: `completions.accessToken`, editPaths: []string{"completions", "accessToken"}},
223224
{readPath: `app.dotcomAuthToken`, editPaths: []string{"app", "dotcomAuthToken"}},

internal/conf/validate_test.go

+7-1
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ const (
2727
authUnlockAccountLinkSigningKey = "authUnlockAccountLinkSigningKey"
2828
dotcomSrcCliVersionCacheGitHubToken = "dotcomSrcCliVersionCacheGitHubToken"
2929
dotcomSrcCliVersionCacheGitHubWebhookSecret = "dotcomSrcCliVersionCacheGitHubWebhookSecret"
30+
dotcomSAMSClientSecret = "dotcomSAMSClientSecret"
3031
)
3132

3233
func TestValidate(t *testing.T) {
@@ -230,6 +231,7 @@ func TestRedactSecrets(t *testing.T) {
230231
dotcomGitHubAppCloudPrivateKey: dotcomGitHubAppCloudPrivateKey,
231232
dotcomSrcCliVersionCacheGitHubToken: dotcomSrcCliVersionCacheGitHubToken,
232233
dotcomSrcCliVersionCacheGitHubWebhookSecret: dotcomSrcCliVersionCacheGitHubWebhookSecret,
234+
dotcomSAMSClientSecret: dotcomSAMSClientSecret,
233235
authUnlockAccountLinkSigningKey: authUnlockAccountLinkSigningKey,
234236
},
235237
),
@@ -490,6 +492,7 @@ func getTestSiteWithRedactedSecrets() string {
490492
dotcomGitHubAppCloudPrivateKey: redactedSecret,
491493
dotcomSrcCliVersionCacheGitHubToken: redactedSecret,
492494
dotcomSrcCliVersionCacheGitHubWebhookSecret: redactedSecret,
495+
dotcomSAMSClientSecret: redactedSecret,
493496
authUnlockAccountLinkSigningKey: redactedSecret,
494497
},
495498
)
@@ -508,6 +511,7 @@ type testSecrets struct {
508511
dotcomGitHubAppCloudPrivateKey string
509512
dotcomSrcCliVersionCacheGitHubToken string
510513
dotcomSrcCliVersionCacheGitHubWebhookSecret string
514+
dotcomSAMSClientSecret string
511515
authUnlockAccountLinkSigningKey string
512516
}
513517

@@ -577,7 +581,8 @@ func getTestSiteWithSecrets(testSecrets testSecrets, optionalEdit ...string) str
577581
"token": "%s",
578582
"webhookSecret": "%s"
579583
}
580-
}
584+
},
585+
"sams.clientSecret": "%s"
581586
},
582587
"auth.unlockAccountLinkSigningKey": "%s",
583588
}`,
@@ -595,6 +600,7 @@ func getTestSiteWithSecrets(testSecrets testSecrets, optionalEdit ...string) str
595600
testSecrets.dotcomGitHubAppCloudPrivateKey,
596601
testSecrets.dotcomSrcCliVersionCacheGitHubToken,
597602
testSecrets.dotcomSrcCliVersionCacheGitHubWebhookSecret,
603+
testSecrets.dotcomSAMSClientSecret,
598604
testSecrets.authUnlockAccountLinkSigningKey,
599605
)
600606
}

0 commit comments

Comments
 (0)