From 861295b1922ac8411c6cf24c83f84f911b8b2ed5 Mon Sep 17 00:00:00 2001
From: Michael Hudson-Doyle <michael.hudson@canonical.com>
Date: Wed, 9 Jun 2021 09:57:25 +1200
Subject: [PATCH] add a comment about why we only split out the wifi config

---
 subiquity/models/network.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/subiquity/models/network.py b/subiquity/models/network.py
index 0412fc54..445284aa 100644
--- a/subiquity/models/network.py
+++ b/subiquity/models/network.py
@@ -34,6 +34,11 @@ class NetworkModel(NetworkModel):
 
     def render(self):
         netplan = self.render_config()
+        # We write wifi config -- which almost certainly contains secrets -- to
+        # a separate file with more restrictive permissions. This isn't a
+        # perfect solution because in principle there could be wired 802.1x
+        # stuff that has secrets too but the subiquity UI does not support any
+        # of that yet so this will do for now.
         wifis = netplan['network'].pop('wifis', None)
         r = {
             'write_files': {