Upstream provider causing confluent provider to show username and password in terminal

[pierskarsenbarg]

Underlying TF provider issue causes username and password to show up in terminal via stderr.

The underlying cause is the Confluent SDK uses by the Terraform provider (https://github.com/Mongey/terraform-provider-confluentcloud) hard codes the debug level of HTTP requests responses to true. There's a PR that fixes it https://github.com/cgroschupp/go-client-confluent-cloud/pull/22.

[aviflax]

The security problem is obviously a big deal, but I just want to add that the fact that the provider is writing a ton of debug messages to stderr means that when I use the provider by running pulumi up — dozens or hundreds of lines of text are written to my terminal in the “diagnostics” section, which is distracting and a bit annoying.

[raytung]

This happens due to the Terraform provider using a Confluent SDK which hard coded debug output to true. This can be tracked in cgroschupp/go-client-confluent-cloud#22. There's also an issue in the Terraform provider to bump the SDK Mongey/terraform-provider-confluentcloud#88.

[treykasada]

Mongey/terraform-provider-confluentcloud#88 has now been resolved and the fix released. We should just be able to resolve this by bumping the version used here to that latest release. 🙂

[treykasada]

I've raised a PR to bump the version. I believe it needs more work before it can be merged, but I was unable to get make to run. If someone can lend a hand and/or takeover from here, that'd be swell! 🙂