Hi Reza Thanks for reporting. No I don't think this is intentional.
Not sure if this is due to the plugin or elastic agent cluster profiles in general at this stage, but will contact you off-list to get a bit more information, as need a bit more help tracking the trigger(s) down at this stage as it doesn't seem to be happening entirely deterministically. -Chad On Thu, 10 Feb 2022, 14:54 Reza Etezal, <[email protected]> wrote: > We are using GOCD v21.3.0 and Elastic Agent plugin v7.0.0-4. > > We noticed that the AWS keys were being kept in plaintext in the UI on the > Elastic Agents plugin page some of the time. Sometimes the values were > asterisks, but sometimes they were plaintext. > > As an audit mechanism, we push /var/lib/go-server/db/config.git to our > git repo, and I noticed that "anonymous" was in fact decrypting the AWS > keys and keeping them as plaintext in the cruise-config.xml file. We have > deleted the sensitive information from git and have stopped pushing the > config. > > I'm not sure if the plugin, or the application itself is doing this, but > it seems like a very bad thing to do. > > /var/lib/go-server/db/config.git $ git log -2 > commit b59ce12641c95f0a1115d4a41d05e15c55ea2a69 (HEAD -> master, > origin/master) > Author: anonymous <[email protected]> > Date: Thu Feb 10 03:04:46 2022 +0000 > > > user:anonymous|timestamp:1644462286044|schema_version:139|go_edition:OpenSource|go_version:21.3.0 > (13067-4c4bb4780eb0d3fc4cacfc4cfcc0b07e2eaf0595)|md5:bfdb1c2b01e1d12160157a43f0084a09 > > commit 2e062be833ae1c773eea3284d8129470e1ee9c5d > Author: Upgrade <[email protected]> > Date: Thu Feb 10 03:04:43 2022 +0000 > > > user:Upgrade|timestamp:1644462283228|schema_version:139|go_edition:OpenSource|go_version:21.3.0 > (13067-4c4bb4780eb0d3fc4cacfc4cfcc0b07e2eaf0595)|md5:d8157d571d3c607034b98177681bdd9b > > [image: gocd.png] > > -- > You received this message because you are subscribed to the Google Groups > "go-cd" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/go-cd/0b4270c6-a5e7-4d42-82b6-6654a0d0c361n%40googlegroups.com > <https://groups.google.com/d/msgid/go-cd/0b4270c6-a5e7-4d42-82b6-6654a0d0c361n%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "go-cd" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/go-cd/CAA1RwH9xJm0LT0jBVpSNRPhCHL2UYqk57SOBFdJcGnWzMYrbvw%40mail.gmail.com.
