-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Redact endpoint secrets in logs #3989
Conversation
Codecov Report
@@ Coverage Diff @@
## main #3989 +/- ##
======================================
- Coverage 72% 72% -0%
======================================
Files 366 366
Lines 57082 57340 +258
Branches 57082 57340 +258
======================================
+ Hits 41210 41385 +175
- Misses 13786 13854 +68
- Partials 2086 2101 +15
... and 22 files with indirect coverage changes 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
a0cb104
to
1676b99
Compare
Here's an example of a bitcoin one from getblock.io (not valid, but a valid format): https://btc.getblock.io/de76678e-a489-4503-2ba2-81156c471220/mainnet/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice, thanks. Maybe take a look at the bitcoin case I gave before merging
/// Partially redacts the secret in the url of the node endpoint. | ||
/// eg: `wss://cdcd639308194d3f977a1a5a7ff0d545.rinkeby.ws.rivet.cloud/` -> | ||
/// `wss://cdc****.rinkeby.ws.rivet.cloud/` | ||
#[allow(unused)] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it's used now
7e254d0
to
d16de5e
Compare
* chore: moved redact code to utils * feat: use SecretUrl type for endpoints * refactor: Addressed PR comments
* chore: moved redact code to utils * feat: use SecretUrl type for endpoints * refactor: Addressed PR comments
* chore: moved redact code to utils * feat: use SecretUrl type for endpoints * refactor: Addressed PR comments
Pull Request
Closes: PRO-733
Checklist
Please conduct a thorough self-review before opening the PR.
Summary
SecretUrl
that is a wrapper around a string so I can guarantee it is displayed using the redact function.SecretUrl
to some errors insetting.rs
, for better error feedback.Note: The redact code was specific for Eth, but should work for the other endpoints because it will just redact almost the whole url if no eth secret is found. But let me know if you have an example of a Dot or Btc endpoint that we can use to create specific redaction code.