App config export exporting sensitive information

Question

App config export exporting sensitive information

chocolatethunder opened this issue 6 years ago · 2 comments

When running

php bin/magento app:config:dump

The S3 access keys are being exported to the config.php and not env.php

This is causing deployment pipeline issues because config.php is supposed to be part of version control and env.php is not. Don't want to accidentally publish my AWS data to Github.

Additionally, I have also tried adding this to app/etc/di.xml file

<type name="Magento\Config\Model\Config\TypePool">
   <arguments>
      <argument name="sensitive" xsi:type="array">
         <item name="thai_s3/general/access_key" xsi:type="string">1</item>
         <item name="thai_s3/general/secret_key" xsi:type="string">1</item>
      </argument>
   </arguments>
</type>

But it doesn't affect the config export.

Answer 1 · 2018-10-17T21:39:41.000Z

Hi @chocolatethunder

This repo is for the Magento 1 extension. Can you re-create this issue in the Magento 2 repo below?

https://github.com/thaiphan/magento2-s3/

Regards,

Thai

Answer 2 · 2018-10-18T00:04:52.000Z

Hey @thaiphan

My apologies. Had a million tabs open so I posted the issue in the wrong repo. This issue is happening with the Magento2-S3 plugin. I will post a new issue there.