Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Note security concerns with grains for targeting #59197

Merged
merged 2 commits into from
Apr 1, 2021
Merged

Note security concerns with grains for targeting #59197

merged 2 commits into from
Apr 1, 2021

Conversation

dehnert
Copy link
Contributor

@dehnert dehnert commented Dec 28, 2020
edited
Loading

What does this PR do?

Given that Vault is used for managing secrets, it seems useful to remind
people that grains are generally minion-controlled when talking about
using them to assign policies (and consequently give access to secrets).
This is related to #43287, though only warns people of the issue, rather
than resolving it by adding (eg) Pillar-based targeting.

This change also cleans up some nearby style and formatting issues with
the docs.

What issues does this PR fix or reference?

Related to: #43287 (though that issue suggests Pillar-based targeting, which this doesn't attempt)

Merge requirements satisfied?

[NOTICE] Bug fixes or features added to Salt require tests.

Commits signed with GPG?

No

Please review Salt's Contributing Guide for best practices.

See GitHub's page on GPG signing for more information about signing commits with GPG.

@dehnert
Note security concerns with grains for targeting
f7af8d5 
Given that Vault is used for managing secrets, it seems useful to remind
people that grains are generally minion-controlled when talking about
using them to assign policies (and consequently give access to secrets).
This is related to saltstack#43287, though only warns people of the issue, rather
than resolving it by adding (eg) Pillar-based targeting.

This change also cleans up some nearby style and formatting issues with
the docs.
@dehnert dehnert requested a review from a team as a code owner December 28, 2020 06:01
@dehnert dehnert requested review from dwoz and removed request for a team December 28, 2020 06:01
@welcome
Copy link

welcome bot commented Dec 28, 2020

Hi there! Welcome to the Salt Community! Thank you for making your first contribution. We have a lengthy process for issues and PRs. Someone from the Core Team will follow up as soon as possible. In the meantime, here’s some information that may help as you continue your Salt journey.
Please be sure to review our Code of Conduct. Also, check out some of our community resources including:

There are lots of ways to get involved in our community. Every month, there are around a dozen opportunities to meet with other contributors and the Salt Core team and collaborate in real time. The best way to keep track is by subscribing to the Salt Community Events Calendar.
If you have additional questions, email us at core@saltstack.com. We’re glad you’ve joined our community and look forward to doing awesome things with you!

@cmcmarrow cmcmarrow added the Documentation Relates to Salt documentation label Jan 13, 2021
cmcmarrow
cmcmarrow approved these changes Jan 13, 2021
View reviewed changes
Copy link
Contributor

@cmcmarrow cmcmarrow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thx for the doc fix

@dehnert
Copy link
Contributor Author

dehnert commented Feb 24, 2021

It looks like this is not yet merged -- is there anything I should be doing to push it along?

@garethgreenaway garethgreenaway merged commit a4c52c1 into saltstack:master Apr 1, 2021
@welcome
Copy link

welcome bot commented Apr 1, 2021

Congratulations on your first PR being merged! 🎉

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cmcmarrow cmcmarrow cmcmarrow approved these changes

@twangboy twangboy twangboy approved these changes

@Ch3LL Ch3LL Ch3LL approved these changes

@garethgreenaway garethgreenaway garethgreenaway approved these changes

@dwoz dwoz Awaiting requested review from dwoz

Assignees
No one assigned
Labels
Documentation Relates to Salt documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@dehnert @garethgreenaway @Ch3LL @twangboy @cmcmarrow