@harmony7 harmony7 commented Nov 5, 2025

  • Position S3 mode as BETA
  • Make storage-mode default to kv-store
  • When scaffolding S3 mode, add [setup] section for secret store to enable easy setup when deploying
  • Add mechanism to "tag" cached objects so that they can be purged after publishing content
  • Make sure that index and settings are purged after publishing content
  • other minor bugfixes

@harmony7 harmony7 requested review from a team and kailan and removed request for a team November 5, 2025 16:41
@harmony7 harmony7 changed the base branch from main to v8 November 5, 2025 16:41
if (apiTokenResult == null) {
throw new Error("❌ Fastly API Token not provided.\nSet the FASTLY_API_TOKEN environment variable to an API token that has write access to the KV Store.");
}
console.log(`✔️ Fastly API Token: ${apiTokenResult.apiToken.slice(0, 4)}${'*'.repeat(apiTokenResult.apiToken.length - 4)} from '${apiTokenResult.source}'`);

Check failure

Code scanning / CodeQL

Clear-text logging of sensitive information

This logs sensitive data returned by [an access to apiToken](1) as clear text. This logs sensitive data returned by [an access to apiTokenResult](2) as clear text.

Copilot Autofix

AI 2 days ago

To fix the issue, the log message on line 111 should be altered to exclude any part of the API token value. Instead, the log may note that a Fastly API token was loaded and, optionally, indicate the source from which it was loaded (e.g. environment variable, command line), but should not print the actual value or any portion thereof. Update the log statement to mask or remove the token, leaving only non-sensitive contextual information (e.g. "✔️ Fastly API Token loaded from 'env'").

The file to edit is src/cli/storage/s3-storage-provider.ts.
Only the log statement on line 111 is affected.
No new methods, imports, or definitions are required for this fix.


Suggested changeset 1
src/cli/storage/s3-storage-provider.ts

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/cli/storage/s3-storage-provider.ts b/src/cli/storage/s3-storage-provider.ts
--- a/src/cli/storage/s3-storage-provider.ts
+++ b/src/cli/storage/s3-storage-provider.ts
@@ -108,7 +108,7 @@
     if (apiTokenResult == null) {
       throw new Error("❌ Fastly API Token not provided.\nSet the FASTLY_API_TOKEN environment variable to an API token that has write access to the KV Store.");
     }
-    console.log(`✔️ Fastly API Token: ${apiTokenResult.apiToken.slice(0, 4)}${'*'.repeat(apiTokenResult.apiToken.length - 4)} from '${apiTokenResult.source}'`);
+    console.log(`✔️ Fastly API Token loaded from '${apiTokenResult.source}'`);
     apiToken = apiTokenResult.apiToken;
   }
 
EOF
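Review bot: the added `console.log` line still interpolates `apiTokenResult.source`, and the alert above names an access to `apiTokenResult` as one of its two flagged flows, so confirm that `source` only ever holds a fixed label for where the token came from (such as 'env') and never a string that can embed the token itself; if that holds, copying it into a neutrally named local before logging makes the intent explicit. The removed line exposed the first four characters of the token and its exact length, and `'*'.repeat(apiTokenResult.apiToken.length - 4)` would throw for a token shorter than four characters, so dropping the value entirely rather than adjusting the mask is the safer change.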
