-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow hiding sensitive parameters in UI #194
Comments
@TheZoker We do not recommend adding or storing any secrets/credentials via |
But a terraform variable would not be shown in the workspace setup process, right? And wouldn't a sensitive option for the (Source: https://coder.com/docs/v2/latest/secrets) Just hide the parameter everywhere in the UI/logs by showing ****** instead |
They are not designed to accept and show secrets. And are only available on the workspace creation form. Please elaborate on your use case. You can also try HCP Vault Secrets module to store and fetch secrets/API keys within your workspace. |
The use case is, that the user should be able to input a API key on creation of the workspace. He should be able to change it, but should not be able to see the API key outside of the workspace. Inside of the workspace, we provide the key as env variable and run a script to setup certain authentications. Sure we could also ask the user to create a file with the secret in it within the workspace, but then we would not be able to run our script in startup. This would also add more manual setup steps to a automated setup system. So in my opinion, it would be nice, if the user is guided trough setting up the workspace by inputting the API key in the workspace creation form and afterwards the key is displayed as *****. Similar to how many applications handle password change. Show **** when visiting the setup page, allow the users to overwrite it in clear text and after saving the change, show ***** again. What would speak against providing a sensitiv option for the And for just a simple API key we don't want to implement/deploy another third party app, just to store and receive it. |
@TheZoker Would coder/coder#7087 cover this use-case? |
Yes in my case this would absolutely solve the issue! For me case this would be fine! |
Workspace insights lists out all workspace parameters, masking at least for the UI should be allowed. |
It would be amazing, if there was an additional property for a
coder_parameter
calledsensitiv
(or similar).This would hide the current value of the parameter if the workspace is viewed.
It should allow to overwrite the parameter, therefore show it when the user overwrites it, but again hides it when the user saves the change.
This would allow users to e.g. input API keys as parameters, but hide them after inserting them.
The text was updated successfully, but these errors were encountered: