action #111010
Updated by jlausuch almost 2 years ago
I am doing some tests using `type_password` command to put some sensitive information into a file in a running system.
According to the documentation [1]: `A convenience wrapper around type_string, which doesn’t log the string.`
However, if I do:
`type_password("echo 'yada yada' > /root/influxdb_conf\n");`
This info is shown in autoinst-log.txt:
```
[2022-05-12T13:05:09.897059+02:00] [debug] tests/jeos/image_info.pm:130 called testapi::type_password
[2022-05-12T13:05:09.897329+02:00] [debug] <<< testapi::type_string(string="echo 'yada yada' > /root/influxdb_conf\n", max_interval=100, wait_screen_changes=0, wait_still_screen=0, timeout=30, similarity_level=47)
```
This is using root-console. If I use serial_terminal, I get it in the `serial_terminal.txt` log:
```
...
SCRIPT_FINISHEDGItcm-0-
# echo 'yada yada' > /root/influxdb_conf
```
Also, openQA tests are showing this
2 months ago (before https://github.com/os-autoinst/os-autoinst/pull/2002)
https://openqa.suse.de/tests/8405529/logfile?filename=autoinst-log.txt
```
[2022-03-26T12:33:40.095557+01:00] To me, that debug message `[2022-05-12T13:05:09.897329+02:00] [debug] tests/jeos/firstrun.pm:116 called testapi::type_password
[2022-03-26T12:33:40.095850+01:00] [debug] <<< testapi::type_string(string="SECRET STRING", max_interval=100, wait_screen_changes=0, wait_still_screen=0, timeout=30, similarity_level=47)
``` testapi::type_string` should not be present at all.
Now:
https://openqa.suse.de/tests/8738443/logfile?filename=autoinst-log.txt
```
[2022-05-12T06:09:58.666172+02:00] [debug] tests/jeos/firstrun.pm:116 called testapi::type_password
[2022-05-12T06:09:58.666561+02:00] [debug] <<< testapi::type_string(string="nots3cr3t", max_interval=100, wait_screen_changes=0, wait_still_screen=0, timeout=30, similarity_level=47)
```
[1] http://open.qa/api/testapi/#_type_password