Skip to content

Commit

Permalink
start: Use RunPrivate for checking pull secret for microshift
Browse files Browse the repository at this point in the history 
As part of 211e9dd, I used `RunPrivileged` which end up exposing pull
secret to debug logs. With this PR we are going to use `RunPrivate` to
make sure we hide the pull secret info. `RunPrivate` is used with `sudo`
command because normal user doesn't have read permission to
`/etc/crio/openshift-pull-secret` file.
  • Loading branch information
@praveenkumar
praveenkumar committed Oct 5, 2023
1 parent 02e1f69 commit ad0f49c
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion pkg/crc/machine/start.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1068,7 +1068,7 @@ func startMicroshift(ctx context.Context, sshRunner *crcssh.Runner, ocConfig oc.
}

func ensurePullSecretPresentInVM(sshRunner *crcssh.Runner, pullSec cluster.PullSecretLoader) error {
if pullSecret, _, err := sshRunner.RunPrivileged("Checking if pull secret already present in the VM", "cat", "/etc/crio/openshift-pull-secret"); err == nil {
if pullSecret, _, err := sshRunner.RunPrivate("sudo", "cat", "/etc/crio/openshift-pull-secret"); err == nil {
if err := validation.ImagePullSecret(pullSecret); err == nil {
return nil
}
Expand Down

0 comments on commit ad0f49c

Please sign in to comment.