Skip to content

DataDog integration leaking Datadog API Key

While testing the datadog integration, a Maintainer can recover the API Key by clicking on :

image

And then you get the API Key:

image

Knowing that, I'm wondering if those API Keys could also reside in logs?

/cc @arturoherrero as the EM

/cc @mhenriksen as the SC

Availability & Testing

Suggestions:

  • Add new feature spec that triggers a DataDog webhook and validates that the secret(s) are masked in the logs.
  • run package-and-qa
Edited by Sean Gregory