spring-cloud-commons icon indicating copy to clipboard operation
spring-cloud-commons copied to clipboard
verified publisher icon spring-cloud

management.endpoint.env.additional-keys-to-sanitize does not work

Open cj-vidas-toleikis opened this issue 3 years ago • 0 comments

I am using spring-cloud-context:3.1.1 management.endpoint.env.additional-keys-to-sanitize has been introduced with spring-boot:2.5.0: https://github.com/spring-projects/spring-boot/blob/v2.6.6/spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/env/EnvironmentEndpointAutoConfiguration.java#L54-L57 but this does not work when management.endpoint.env.post.enabled is enabled: https://github.com/spring-cloud/spring-cloud-commons/blob/v3.1.1/spring-cloud-context/src/main/java/org/springframework/cloud/autoconfigure/WritableEnvironmentEndpointAutoConfiguration.java#L63-L70

/actuator/env returns not sanitized value of secret.value when using the following configuration:

management.endpoint.env.post.enabled=true
management.endpoint.env.additional-keys-to-sanitize=secret.*
secret.value=secret

cj-vidas-toleikis avatar Apr 13 '22 13:04 cj-vidas-toleikis