e2e-test: Mask sensitive keys in test trace #742

stevenhorsman · 2023-03-23T15:14:06Z

A while ago we implemented sensitive key obfuscation in the dev code of peer pods, but during a recorded demo on the CoCo call I discovered that we don't have that into the e2e test cases e.g. logging the config:
e.g.

INFO[1504] Customize the overlay yaml file
DEBU[1504] map[CLOUD_PROVIDER:ibmcloud CRI_RUNTIME_ENDPOINT:/run/cri-runtime/containerd.sock IBMCLOUD_API_KEY:vFFXXXXXXXXXXXX IBMCLOUD_IAM_ENDPOINT:https://iam.cloud.ibm.com/identity/token ...

and debug for the test properties:

time="2023-03-23T07:26:28-07:00" level=debug msg="&{ApiKey:vFFxxxxxxxxxxxx Bucket:sh-pp-z-cos-bucket-ca-tor-2-2-23 ClusterName:sh-e2e-test CosApiKey:vFFxxxxxxxxxxxxxxxxxx CosInstanceID:crn:v1:bluemix:public:cloud-object-storage:global:a/c5672f2b9bd2fd6cbc81f37056b2e542:e34e4af3-7af9-45d7-98c4-7f63dcde8f6b:: CosServiceURL:s3.ca-tor.cloud-object-storage.appdomain.cloud SecurityGroupID: IamServiceURL: InstanceProfile:bz2-2x8 KubeVersion:1.26.1 PodvmImageID:r022-98cd44cc-3540-4289-a601-3392b7b41811 PodvmImageArch:s390x PublicGatewayID: Region:jp-tok ResourceGroupID:31af14bcb3dc4a6499c90b18efb50ea6 SshKeyContent:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDaq78ahrA9BC9rJv7v7rSsr+z7fN8zzbQXnwctZh3lh5+A2MhEjRTW7QumZBxBKaXWfkSBfV9EIU+QVz8dDvWvK7X3P48td+UpbBgAT91HDTswWma+IiKzzDQGcEZ2LUlfNvhESbUg5DQsgzmmn2LbJqoZVf0VzFTqXlgIM78byc8HBdDQJad5VTV2PF06qmCQsA67HnNN5WfentgxNUsOFjBQE245vLhoSihQsA1zU6t82wBxKrbJp8QZsrmXNsKwm3DokjlBlYiy9ve5BMj0mqGdnGuPxWZvah0VtGpZ20sR7VlXmUJOViFCWbgOqVbDVbqEC0qpz0PyLpOv54Zil1v9PL4lUW4MOL8fOpSSr6QakOqVlkaiOdj48TfzRsJJQHVBQoCpMmgjjd25FNK2zki1igtiMzS73jHxPm0h2NwP5lHpTI9sksoNJLkatxcH6Mzi4hYCZamyr4TYXQWNud1QbY9KvFOmDRuC6Em1PzxawsdrIjWQkjbQok8sW80= root@stevenh-qfh-test1.fyre.ibm.com SshKeyID: SshKeyName:qfh-e2e-testkey SubnetName:sh-e2e-test-vpc-subnet SubnetID: VpcName:sh-e2e-test-vpc VpcID: VpcServiceURL: WorkerFlavor:bx2.2x8 WorkerOS:UBUNTU_20_64 Zone:jp-tok-2 WorkerCount:1 IsSelfManaged:false VPC:<nil> ClusterAPI:<nil>}"

As we want to share logging and tests runs for CI/CD in open-source I think we should implement masking here as well for safety.

The text was updated successfully, but these errors were encountered:

stevenhorsman · 2024-12-11T15:07:39Z

I think this was addressed in #2169

stevenhorsman closed this as completed Dec 11, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

e2e-test: Mask sensitive keys in test trace #742

e2e-test: Mask sensitive keys in test trace #742

stevenhorsman commented Mar 23, 2023

stevenhorsman commented Dec 11, 2024

e2e-test: Mask sensitive keys in test trace #742

e2e-test: Mask sensitive keys in test trace #742

Comments

stevenhorsman commented Mar 23, 2023

stevenhorsman commented Dec 11, 2024