sanitize auth method in create/update reply (#25519)

create/update APIs only work for someone who has the secret(s) in hand, but that someone could be a CI system, which might log output.
2026-01-06 02:15:43 +03:00 · 2025-03-26 12:36:08 -04:00
parent fb93c41ba7
commit 0e121b3c29
1 changed files with 1 additions and 1 deletions
--- a/nomad/acl_endpoint.go
+++ b/nomad/acl_endpoint.go
@@ -1947,7 +1947,7 @@ func (a *ACL) UpsertAuthMethods(
 			return structs.NewErrRPCCodedf(400, "ACL auth method lookup failed: %v", err)
 		}
 		if lookupAuthMethod != nil {
-			reply.AuthMethods = append(reply.AuthMethods, lookupAuthMethod)
+			reply.AuthMethods = append(reply.AuthMethods, lookupAuthMethod.Sanitize())
 		}
 	}