From ad0f49cc4e4dc771a25c06e8da1cb272691375e4 Mon Sep 17 00:00:00 2001
From: Praveen Kumar <kumarpraveen.nitdgp@gmail.com>
Date: Wed, 4 Oct 2023 12:02:19 +0530
Subject: [PATCH] start: Use `RunPrivate` for checking pull secret for
 microshift

As part of 211e9dd7, I used `RunPrivileged` which end up exposing pull
secret to debug logs. With this PR we are going to use `RunPrivate` to
make sure we hide the pull secret info. `RunPrivate` is used with `sudo`
command because normal user doesn't have read permission to
`/etc/crio/openshift-pull-secret` file.
---
 pkg/crc/machine/start.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/crc/machine/start.go b/pkg/crc/machine/start.go
index 6b1bde939f..ce9e0a1f7a 100644
--- a/pkg/crc/machine/start.go
+++ b/pkg/crc/machine/start.go
@@ -1068,7 +1068,7 @@ func startMicroshift(ctx context.Context, sshRunner *crcssh.Runner, ocConfig oc.
 }
 
 func ensurePullSecretPresentInVM(sshRunner *crcssh.Runner, pullSec cluster.PullSecretLoader) error {
-	if pullSecret, _, err := sshRunner.RunPrivileged("Checking if pull secret already present in the VM", "cat", "/etc/crio/openshift-pull-secret"); err == nil {
+	if pullSecret, _, err := sshRunner.RunPrivate("sudo", "cat", "/etc/crio/openshift-pull-secret"); err == nil {
 		if err := validation.ImagePullSecret(pullSecret); err == nil {
 			return nil
 		}