DataDog integration leaking Datadog API Key
While testing the datadog integration, a Maintainer
can recover the API Key by clicking on :
And then you get the API Key:
Knowing that, I'm wondering if those API Keys could also reside in logs?
/cc @arturoherrero as the EM
/cc @mhenriksen as the SC
Availability & Testing
Suggestions:
- Add new feature spec that triggers a DataDog webhook and validates that the secret(s) are masked in the logs.
- run
package-and-qa
Edited by Sean Gregory