-
Notifications
You must be signed in to change notification settings - Fork 5.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
br: redact secret strings when logging arguments #57593
br: redact secret strings when logging arguments #57593
Conversation
Hi @kennytm. Thanks for your PR. PRs from untrusted users cannot be marked as trusted with I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Signed-off-by: kennytm <kennytm@gmail.com>
dc659aa
to
6d0f592
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #57593 +/- ##
================================================
+ Coverage 72.8033% 74.5370% +1.7336%
================================================
Files 1676 1691 +15
Lines 463631 463740 +109
================================================
+ Hits 337539 345658 +8119
+ Misses 105278 96607 -8671
- Partials 20814 21475 +661
Flags with carried forward coverage won't be shown. Click here to find out more.
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: 3pointer, BornChanger The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
[LGTM Timeline notifier]Timeline:
|
In response to a cherrypick label: new pull request created to branch |
In response to a cherrypick label: new pull request created to branch |
In response to a cherrypick label: new pull request created to branch |
In response to a cherrypick label: new pull request created to branch |
In response to a cherrypick label: new pull request created to branch |
In response to a cherrypick label: new pull request created to branch |
What problem does this PR solve?
Issue Number: close #57585
Problem Summary: Some values from the command line are not properly redacted.
What changed and how does it work?
In additional to the existing handling for
--storage
, we also apply redaction to the following parameters:--full-backup-storage
--crypter.key
--log.crypter.key
--azblob.encryption-key
--master-key
(the current implementation of this may be too conservative)Check List
Tests
Side effects
Documentation
Release note
Please refer to Release Notes Language Style Guide to write a quality release note.