From 940d2799b3a68ab2304db6542dfae02f149f8d0e Mon Sep 17 00:00:00 2001 From: Vincent Dai <23257217+vidai-msft@users.noreply.github.com> Date: Tue, 2 Apr 2024 11:23:28 +0800 Subject: [PATCH] Fix the issue that string is returned instead of object. One more message is added to accommodate this situation. --- src/Common/AzurePSCmdlet.cs | 16 ++++++++++------ src/Common/MetricHelper.cs | 7 ++++--- src/Common/Properties/Resources.Designer.cs | 13 +++++++++++-- src/Common/Properties/Resources.resx | 5 ++++- src/Common/Sanitizer/SanitizerTelemetry.cs | 8 ++++++++ 5 files changed, 37 insertions(+), 12 deletions(-) diff --git a/src/Common/AzurePSCmdlet.cs b/src/Common/AzurePSCmdlet.cs index 0c005048cd..88443945f1 100644 --- a/src/Common/AzurePSCmdlet.cs +++ b/src/Common/AzurePSCmdlet.cs @@ -171,7 +171,7 @@ private IOutputSanitizer OutputSanitizer { get { - if (AzureSession.Instance != null && AzureSession.Instance.TryGetComponent(nameof(IOutputSanitizer), out var outputSanitizer)) + if (AzureSession.Instance.TryGetComponent(nameof(IOutputSanitizer), out var outputSanitizer)) return outputSanitizer; return null; @@ -407,11 +407,15 @@ private void WriteSecretsWarningMessage() if (_qosEvent?.SanitizerInfo != null) { var sanitizerInfo = _qosEvent.SanitizerInfo; - if (sanitizerInfo.ShowSecretsWarning) + if (sanitizerInfo.ShowSecretsWarning && sanitizerInfo.SecretsDetected) { - if (sanitizerInfo.DetectedProperties?.Count > 0) + if (sanitizerInfo.DetectedProperties.Count == 0) { - WriteWarning(string.Format(Resources.DisplaySecretsWarningMessage, MyInvocation.InvocationName, string.Join(", ", sanitizerInfo.DetectedProperties))); + WriteWarning(string.Format(Resources.DisplaySecretsWarningMessageWithoutProperty, MyInvocation.InvocationName)); + } + else + { + WriteWarning(string.Format(Resources.DisplaySecretsWarningMessageWithProperty, MyInvocation.InvocationName, string.Join(", ", sanitizerInfo.DetectedProperties))); } } } @@ -544,7 +548,7 @@ protected void WriteSurvey() private void SanitizeOutput(object sendToPipeline) { - if (OutputSanitizer != null && OutputSanitizer.RequireSecretsDetection) + if (OutputSanitizer?.RequireSecretsDetection == true) { OutputSanitizer.Sanitize(sendToPipeline, out var telemetry); _qosEvent?.SanitizerInfo.Combine(telemetry); @@ -767,7 +771,7 @@ protected virtual void InitializeQosEvent() } } - _qosEvent.SanitizerInfo = new SanitizerTelemetry(); + _qosEvent.SanitizerInfo = new SanitizerTelemetry(OutputSanitizer?.RequireSecretsDetection == true); } private void RecordDebugMessages() diff --git a/src/Common/MetricHelper.cs b/src/Common/MetricHelper.cs index 7baa1ad3fb..ca2bb3a4ef 100644 --- a/src/Common/MetricHelper.cs +++ b/src/Common/MetricHelper.cs @@ -475,11 +475,12 @@ private void PopulateSanitizerPropertiesFromQos(AzurePSQoSEvent qos, IDictionary eventProperties["secrets-warning"] = qos.SanitizerInfo.ShowSecretsWarning.ToString(); if (qos.SanitizerInfo.ShowSecretsWarning) { - bool secretsDetected = qos.SanitizerInfo.DetectedProperties.Count > 0; + bool secretsDetected = qos.SanitizerInfo.SecretsDetected; eventProperties["secrets-detected"] = secretsDetected.ToString(); if (secretsDetected) { - eventProperties.Add("secrets-detected-properties", string.Join(";", qos.SanitizerInfo.DetectedProperties)); + var detectedProperties = qos.SanitizerInfo.DetectedProperties.Count == 0 ? "[None]" : string.Join(";", qos.SanitizerInfo.DetectedProperties); + eventProperties.Add("secrets-detected-properties", detectedProperties); } if (qos.SanitizerInfo.HasErrorInDetection && qos.SanitizerInfo.DetectionError != null) { @@ -706,7 +707,7 @@ public override string ToString() sb.Append($"; IsSuccess: {IsSuccess}; Duration: {Duration}"); - if (SanitizerInfo?.ShowSecretsWarning == true) + if (SanitizerInfo.ShowSecretsWarning) { sb.Append($"; SanitizeDuration: {SanitizerInfo.SanitizeDuration}"); } diff --git a/src/Common/Properties/Resources.Designer.cs b/src/Common/Properties/Resources.Designer.cs index 1131201c8e..27fb350b65 100644 --- a/src/Common/Properties/Resources.Designer.cs +++ b/src/Common/Properties/Resources.Designer.cs @@ -1164,12 +1164,21 @@ public static string DictionaryCopyToArrayTooShort { } } + /// + /// Looks up a localized string similar to The output of cmdlet {0} may compromise security by showing secrets. Learn more at https://go.microsoft.com/fwlink/?linkid=2258844. + /// + public static string DisplaySecretsWarningMessageWithoutProperty { + get { + return ResourceManager.GetString("DisplaySecretsWarningMessageWithoutProperty", resourceCulture); + } + } + /// /// Looks up a localized string similar to The output of cmdlet {0} may compromise security by showing the following secrets: {1}. Learn more at https://go.microsoft.com/fwlink/?linkid=2258844. /// - public static string DisplaySecretsWarningMessage { + public static string DisplaySecretsWarningMessageWithProperty { get { - return ResourceManager.GetString("DisplaySecretsWarningMessage", resourceCulture); + return ResourceManager.GetString("DisplaySecretsWarningMessageWithProperty", resourceCulture); } } diff --git a/src/Common/Properties/Resources.resx b/src/Common/Properties/Resources.resx index 47e894e703..d97d84914f 100644 --- a/src/Common/Properties/Resources.resx +++ b/src/Common/Properties/Resources.resx @@ -1760,7 +1760,10 @@ Note : Go to {0} for steps to suppress this breaking change warning, and other i [Survey] Help us improve Azure PowerShell by sharing your experience. This survey should take about 5 minutes. Run 'Open-AzSurveyLink' to open in browser. Learn more at {0} - + The output of cmdlet {0} may compromise security by showing the following secrets: {1}. Learn more at https://go.microsoft.com/fwlink/?linkid=2258844 + + The output of cmdlet {0} may compromise security by showing secrets. Learn more at https://go.microsoft.com/fwlink/?linkid=2258844 + \ No newline at end of file diff --git a/src/Common/Sanitizer/SanitizerTelemetry.cs b/src/Common/Sanitizer/SanitizerTelemetry.cs index 7923cf06ec..966bcff95d 100644 --- a/src/Common/Sanitizer/SanitizerTelemetry.cs +++ b/src/Common/Sanitizer/SanitizerTelemetry.cs @@ -21,6 +21,8 @@ public class SanitizerTelemetry { public bool ShowSecretsWarning { get; set; } = false; + public bool SecretsDetected { get; set; } = false; + public HashSet DetectedProperties { get; set; } = new HashSet(); public bool HasErrorInDetection { get; set; } = false; @@ -29,11 +31,17 @@ public class SanitizerTelemetry public TimeSpan SanitizeDuration { get; set; } + public SanitizerTelemetry(bool showSecretsWarning) + { + ShowSecretsWarning = showSecretsWarning; + } + public void Combine(SanitizerTelemetry telemetry) { if (telemetry != null) { ShowSecretsWarning = ShowSecretsWarning || telemetry.ShowSecretsWarning; + SecretsDetected = SecretsDetected || telemetry.SecretsDetected; DetectedProperties.UnionWith(telemetry.DetectedProperties); HasErrorInDetection = HasErrorInDetection || telemetry.HasErrorInDetection; DetectionError = DetectionError ?? telemetry.DetectionError;