1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
package logsanitizer
import (
"bytes"
"fmt"
"io/ioutil"
"testing"
log "github.com/sirupsen/logrus"
"github.com/stretchr/testify/require"
)
func TestUrlSanitizerHook(t *testing.T) {
outBuf := &bytes.Buffer{}
urlSanitizer := NewURLSanitizerHook()
urlSanitizer.AddPossibleGrpcMethod(
"UpdateRemoteMirror",
"CreateRepositoryFromURL",
"FetchRemote",
)
logger := log.New()
logger.Out = outBuf
logger.Hooks.Add(urlSanitizer)
testCases := []struct {
desc string
logFunc func()
expectedString string
}{
{
desc: "with args",
logFunc: func() {
logger.WithFields(log.Fields{
"grpc.method": "CreateRepositoryFromURL",
"args": []string{"/usr/bin/git", "clone", "--bare", "--", "https://foo_the_user:hUntEr1@gitlab.com/foo/bar", "/home/git/repositories/foo/bar"},
}).Info("spawn")
},
expectedString: "[/usr/bin/git clone --bare -- https://[FILTERED]@gitlab.com/foo/bar /home/git/repositories/foo/bar]",
},
{
desc: "with error",
logFunc: func() {
logger.WithFields(log.Fields{
"grpc.method": "UpdateRemoteMirror",
"error": fmt.Errorf("rpc error: code = Unknown desc = remote: Invalid username or password. fatal: Authentication failed for 'https://foo_the_user:hUntEr1@gitlab.com/foo/bar'"),
}).Error("ERROR")
},
expectedString: "rpc error: code = Unknown desc = remote: Invalid username or password. fatal: Authentication failed for 'https://[FILTERED]@gitlab.com/foo/bar'",
},
{
desc: "with message",
logFunc: func() {
logger.WithFields(log.Fields{
"grpc.method": "CreateRepositoryFromURL",
}).Info("asked for: https://foo_the_user:hUntEr1@gitlab.com/foo/bar")
},
expectedString: "asked for: https://[FILTERED]@gitlab.com/foo/bar",
},
{
desc: "with URL without scheme output",
logFunc: func() {
logger.WithFields(log.Fields{
"grpc.method": "FetchRemote",
}).Info("fatal: unable to look up foo:bar@non-existent.org (port 9418) (nodename nor servname provided, or not known")
},
expectedString: "unable to look up [FILTERED]@non-existent.org (port 9418) (nodename nor servname provided, or not known",
},
{
desc: "with gRPC method not added to the list",
logFunc: func() {
logger.WithFields(log.Fields{
"grpc.method": "UserDeleteTag",
}).Error("fatal: 'https://foo_the_user:hUntEr1@gitlab.com/foo/bar' is not a valid tag name.")
},
expectedString: "fatal: 'https://foo_the_user:hUntEr1@gitlab.com/foo/bar' is not a valid tag name.",
},
{
desc: "log with URL that does not require sanitization",
logFunc: func() {
logger.WithFields(log.Fields{
"grpc.method": "CreateRepositoryFromURL",
}).Info("asked for: https://gitlab.com/gitlab-org/gitaly/v14")
},
expectedString: "asked for: https://gitlab.com/gitlab-org/gitaly/v14",
},
}
for _, testCase := range testCases {
t.Run(testCase.desc, func(t *testing.T) {
testCase.logFunc()
logOutput := outBuf.String()
require.Contains(t, logOutput, testCase.expectedString)
})
}
}
func BenchmarkUrlSanitizerWithoutSanitization(b *testing.B) {
urlSanitizer := NewURLSanitizerHook()
logger := log.New()
logger.Out = ioutil.Discard
logger.Hooks.Add(urlSanitizer)
benchmarkLogging(logger, b)
}
func BenchmarkUrlSanitizerWithSanitization(b *testing.B) {
urlSanitizer := NewURLSanitizerHook()
urlSanitizer.AddPossibleGrpcMethod(
"UpdateRemoteMirror",
"CreateRepositoryFromURL",
)
logger := log.New()
logger.Out = ioutil.Discard
logger.Hooks.Add(urlSanitizer)
benchmarkLogging(logger, b)
}
func benchmarkLogging(logger *log.Logger, b *testing.B) {
for n := 0; n < b.N; n++ {
logger.WithFields(log.Fields{
"grpc.method": "CreateRepositoryFromURL",
"args": []string{"/usr/bin/git", "clone", "--bare", "--", "https://foo_the_user:hUntEr1@gitlab.com/foo/bar", "/home/git/repositories/foo/bar"},
}).Info("spawn")
logger.WithFields(log.Fields{
"grpc.method": "UpdateRemoteMirror",
"error": fmt.Errorf("rpc error: code = Unknown desc = remote: Invalid username or password. fatal: Authentication failed for 'https://foo_the_user:hUntEr1@gitlab.com/foo/bar'"),
}).Error("ERROR")
logger.WithFields(log.Fields{
"grpc.method": "CreateRepositoryFromURL",
}).Info("asked for: https://foo_the_user:hUntEr1@gitlab.com/foo/bar")
}
}
|