secrets with no secret store references should behave like plain strings #13807
Labels
feature request
Requests for new plugin and for new features to existing plugins
Comments
redbaron
added
the
feature request
3 tasks
|
next steps: similar to #13804, want to get on the same page with Sven and go through each of these. |
This was referenced Sep 20, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Use Case
secretstore
memguardis quite complicated, but it is invoked every time "secret-capable" config option is accessed even if there is no references to a secret store.There is no value in "protecting" what essentially a plaintext string.
Expected behavior
config parameters with no secret store references should be short-circuit to a plaintext string, skipping
memguardcompletely.Actual behavior
memguardis used every time config parameter with potential secret in it is accessed, even if there is no references to secret stores.Additional info
Memguard can be quite challenging to deal with: #13804, #13806. Skipping it entirely when it doesn't add any value simplifies telegraf setup.
The text was updated successfully, but these errors were encountered: