Hide consul token on UI. (#2797)

2024-09-19 23:37:31 -07:00 · 2017-06-02 00:14:23 +03:00 · 2017-06-02 00:14:23 +03:00 · dbe2eb2afc
parent a391156dfb
commit dbe2eb2afc
4 changed files with 5 additions and 3 deletions
--- a/config/config.go
+++ b/config/config.go
@ -835,7 +835,7 @@ func (c *FileSDConfig) UnmarshalYAML(unmarshal func(interface{}) error) error {
 // ConsulSDConfig is the configuration for Consul service discovery.
 type ConsulSDConfig struct {
 	Server       string `yaml:"server"`
-	Token        string `yaml:"token,omitempty"`
+	Token        Secret `yaml:"token,omitempty"`
 	Datacenter   string `yaml:"datacenter,omitempty"`
 	TagSeparator string `yaml:"tag_separator,omitempty"`
 	Scheme       string `yaml:"scheme,omitempty"`
--- a/config/config_test.go
+++ b/config/config_test.go
@ -247,6 +247,7 @@ var expectedConf = &Config{
 				ConsulSDConfigs: []*ConsulSDConfig{
 					{
 						Server:       "localhost:1234",
+						Token:        "mysecret",
 						Services:     []string{"nginx", "cache", "mysql"},
 						TagSeparator: DefaultConsulSDConfig.TagSeparator,
 						Scheme:       "https",
@ -542,7 +543,7 @@ func TestLoadConfig(t *testing.T) {
 	s := c.String()
 	secretRe := regexp.MustCompile("<secret>")
 	matches := secretRe.FindAllStringIndex(s, -1)
-	if len(matches) != 5 || strings.Contains(s, "mysecret") {
+	if len(matches) != 6 || strings.Contains(s, "mysecret") {
 		t.Fatalf("config's String method reveals authentication credentials.")
 	}

--- a/config/testdata/conf.good.yml
+++ b/config/testdata/conf.good.yml
@ -113,6 +113,7 @@ scrape_configs:

  consul_sd_configs:
  - server: 'localhost:1234'
+    token: mysecret
    services: ['nginx', 'cache', 'mysql']
    scheme: https
    tls_config:
--- a/discovery/consul/consul.go
+++ b/discovery/consul/consul.go
@ -105,7 +105,7 @@ func NewDiscovery(conf *config.ConsulSDConfig, logger log.Logger) (*Discovery, e
 		Address:    conf.Server,
 		Scheme:     conf.Scheme,
 		Datacenter: conf.Datacenter,
-		Token:      conf.Token,
+		Token:      string(conf.Token),
 		HttpAuth: &consul.HttpBasicAuth{
 			Username: conf.Username,
 			Password: string(conf.Password),