summaryrefslogtreecommitdiff
path: root/cloudinit
diff options
context:
space:
mode:
authorJames Falcon <TheRealFalcon@users.noreply.github.com>2021-06-10 14:24:51 -0500
committerGitHub <noreply@github.com>2021-06-10 14:24:51 -0500
commit05b0e35026db3789c56ee9f8192d4a81067325e5 (patch)
treec8d9d4bd9e8253e4e8388290db0de77e96b87484 /cloudinit
parentb11632d1b105ee696abe085051decdee523a87c1 (diff)
downloadvyos-cloud-init-05b0e35026db3789c56ee9f8192d4a81067325e5.tar.gz
vyos-cloud-init-05b0e35026db3789c56ee9f8192d4a81067325e5.zip
Use instance-data-sensitive.json in jinja templates (SC-117) (#917)
instance-data.json redacts sensitive data for non-root users. Since user data is consumed as root, we should be consuming the non-redacted data instead. LP: #1931392
Diffstat (limited to 'cloudinit')
-rw-r--r--cloudinit/handlers/jinja_template.py5
1 files changed, 3 insertions, 2 deletions
diff --git a/cloudinit/handlers/jinja_template.py b/cloudinit/handlers/jinja_template.py
index aadfbf86..5033abbb 100644
--- a/cloudinit/handlers/jinja_template.py
+++ b/cloudinit/handlers/jinja_template.py
@@ -12,7 +12,7 @@ except ImportError:
from cloudinit import handlers
from cloudinit import log as logging
-from cloudinit.sources import INSTANCE_JSON_FILE
+from cloudinit.sources import INSTANCE_JSON_SENSITIVE_FILE
from cloudinit.templater import render_string, MISSING_JINJA_PREFIX
from cloudinit.util import b64d, load_file, load_json, json_dumps
@@ -36,7 +36,8 @@ class JinjaTemplatePartHandler(handlers.Handler):
def handle_part(self, data, ctype, filename, payload, frequency, headers):
if ctype in handlers.CONTENT_SIGNALS:
return
- jinja_json_file = os.path.join(self.paths.run_dir, INSTANCE_JSON_FILE)
+ jinja_json_file = os.path.join(
+ self.paths.run_dir, INSTANCE_JSON_SENSITIVE_FILE)
rendered_payload = render_jinja_payload_from_file(
payload, filename, jinja_json_file)
if not rendered_payload: