Include sensitive flag in yaml/json output of porter explain for outputs and parameters

[carolynvs]

This issue started off as a discussion at #2193. When someone is automating retrieving values to run a bundle from porter explain, it is helpful to know if a parameter or output is sensitive. For example, they would know that sensitive values always should be retrieved from a secret store.

I don't want to add more information to the human readable display for the explain command, as we want to limit the info displayed to actionable data and I think this case is really about automation.

So lets add the sensitive flag (boolean) to both the json and yaml parameters and outputs sections in the output of porter explain.

For example, here is a bundle that has sensitive parameters and outputs:

$ porter explain -r ghcr.io/getporter/examples/sensitive-data:v0.1.0 -o yaml
name: examples/sensitive-data
description: An example bundle that generates sensitive data
version: 0.1.0
porterVersion: v1.0.0-alpha.19
parameters:
  - name: password
    type: string
    default: null
    applyTo: All Actions
    description: ""
    required: true
outputs:
  - name: name
    type: string
    applyTo: All Actions
    description: ""
mixins:
  - exec

After the change, the output should include the sensitive field:

$ porter explain -r ghcr.io/getporter/examples/sensitive-data:v0.1.0 -o yaml
name: examples/sensitive-data
description: An example bundle that generates sensitive data
version: 0.1.0
porterVersion: v1.0.0-alpha.19
parameters:
  - name: password
    type: string
    sensitive: true
    default: null
    applyTo: All Actions
    description: ""
    required: true
outputs:
  - name: name
    type: string
    sensitive: true
    applyTo: All Actions
    description: ""
mixins:
  - exec

The change should be made in the following file: https://github.com/getporter/porter/blob/release/v1/pkg/porter/explain.go and the testdata used in the associated test file updated to match the new expected output. You can either update the testdata files by hand, or you can call mage UpdateTestfiles after changing the code, and that will update the testdata files to match the new output.

See our Contributing Tutorial and New Contributor Guide for help getting started contributing to Porter.

[MadhuMPandurangi]

Hi @carolynvs, I'm interested to contribute to this issue. I request you to assign me the same. I had requested to issue #2324 too. I'm fine with any issue.

[VinozzZ]

Hi @MadhuMPandurangi , thank you for taking on this issue! If you have any questions, feel free to reach out to us!
If you haven't read through our contributing guide, here's the link to it: https://porter.sh/contribute/,

[carolynvs]

@MadhuMPandurangi We encourage contributors to only work on a single issue at a time, so that issues stay "available" for others to pick up until someone is actively working on them. How about you test out Porter with Artifactory first, and then when that's complete, then start on this one.

[MadhuMPandurangi]

Thank you @carolynvs @VinozzZ I'm going through the project and I'm happy to be on your team.

[MadhuMPandurangi]

Built a sample bundle that prints the name is done. I looked at the file https://github.com/getporter/porter/blob/release/v1/pkg/porter/explain.go but I didn't get how to make changes or what to edit in this file. Can anyone please help?

[carolynvs]

Hi @MadhuMPandurangi,

You need to add the sensitive flag to PrintableParameter, in

porter/pkg/porter/explain.go

Lines 85 to 93 in f72fc6e

	type PrintableParameter struct {
	param *bundle.Parameter
	Name string `json:"name" yaml:"name"`
	Type interface{} `json:"type" yaml:"type"`
	Default interface{} `json:"default" yaml:"default"`
	ApplyTo string `json:"applyTo" yaml:"applyTo"`
	Description string `json:"description" yaml:"description"`
	Required bool `json:"required" yaml:"required"`
	}

Then populate that field using the result of bun.IsSensitiveParameter(p) when we create a display representation of the bundle for the explain command:

porter/pkg/porter/explain.go

Lines 247 to 253 in f72fc6e

	pp := PrintableParameter{param: &v}
	pp.Name = p
	pp.Type = bun.GetParameterType(def)
	pp.Default = def.Default
	pp.ApplyTo = generateApplyToString(v.ApplyTo)
	pp.Required = v.Required
	pp.Description = v.Description

The yaml/json output of the explain command will automatically pick up your change so you don't need to do anything to get the new sensitive field to print out. Since we are not updating the human readable output of the explain command, there are no associated documentation changes to make this time.

When you run the unit tests with mage testunit, you should see tests fail after your change is completed because the output of the explain command now has the sensitive field included. Run mage updateTestFiles to synchronize the test files with the new output.

[MadhuMPandurangi]

Can see the output before build and after the build.
Added sensitive flag and successfully displayed.

[MadhuMPandurangi]

Do I proceed with PR?
Any document to look at before raising PR for this?

[carolynvs]

Looks good! Yes please create a pull request. We have a template that you will be prompted to fill out when you open it that explains the information we are looking for. 👍

[MadhuMPandurangi]

Hi @carolynvs @VinozzZ, please review the PR(#2440).

Thank You