Skip to content

fix: redact sensitive pipeline headers#826

Merged
intel352 merged 1 commit into
mainfrom
issue-825-redact-auth
Jun 1, 2026
Merged

fix: redact sensitive pipeline headers#826
intel352 merged 1 commit into
mainfrom
issue-825-redact-auth

Conversation

@intel352
Copy link
Copy Markdown
Contributor

@intel352 intel352 commented Jun 1, 2026

Summary

  • redact Authorization, Cookie/Set-Cookie, and hyphenated API-key fields in recursive pipeline debug-log redaction
  • add module-level coverage for nested sensitive headers while preserving non-sensitive headers
  • add engine-level coverage proving DEBUG result logs redact sensitive headers while preserving raw pipeline result holder data

Fixes #825.

Verification

  • GOWORK=off go test ./module -run TestRedactStepOutput_NestedSensitiveHeaders -count=1
  • GOWORK=off go test . -run TestEngineTriggerWorkflow_RedactsSensitiveResultHeadersInDebugLogs -count=1
  • GOWORK=off go test . ./module -count=1
  • git diff --check

Copilot AI review requested due to automatic review settings June 1, 2026 23:34
Copilot AI reviewed Jun 1, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Extends the workflow engine’s recursive step-output redaction to cover sensitive HTTP header fields (e.g., Authorization, Cookie/Set-Cookie, and hyphenated API key headers) and adds tests to ensure debug logs redact these values while preserving raw pipeline results for response handling.

Changes:

  • Expanded SensitiveFieldPatterns to include authorization, cookie, and api-key for better header redaction coverage.
  • Added module-level test coverage for nested sensitive header keys while ensuring non-sensitive headers remain visible.
  • Added engine-level test coverage ensuring DEBUG result logs redact sensitive header values while PipelineResultHolder retains raw (unredacted) results.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File Description
module/step_output_redactor.go Adds additional sensitive key patterns to ensure common HTTP auth/session headers and hyphenated API key headers are redacted.
module/step_output_redactor_test.go Adds coverage for nested headers maps to verify sensitive header keys redact and benign keys (e.g., Content-Type) remain intact.
engine_test.go Adds an integration test proving engine DEBUG logs redact sensitive result headers while preserving raw results in the context holder.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Jun 1, 2026

⏱ Benchmark Results

No significant performance regressions detected.

benchstat comparison (baseline → PR) 
## benchstat: baseline → PR
baseline-bench.txt:306: parsing iteration count: invalid syntax
baseline-bench.txt:325420: parsing iteration count: invalid syntax
baseline-bench.txt:633005: parsing iteration count: invalid syntax
baseline-bench.txt:904605: parsing iteration count: invalid syntax
baseline-bench.txt:1219444: parsing iteration count: invalid syntax
baseline-bench.txt:1525535: parsing iteration count: invalid syntax
benchmark-results.txt:306: parsing iteration count: invalid syntax
benchmark-results.txt:298882: parsing iteration count: invalid syntax
benchmark-results.txt:646547: parsing iteration count: invalid syntax
benchmark-results.txt:994983: parsing iteration count: invalid syntax
benchmark-results.txt:1321915: parsing iteration count: invalid syntax
benchmark-results.txt:1655567: parsing iteration count: invalid syntax
goos: linux
goarch: amd64
pkg: github.com/GoCodeAlone/workflow/dynamic
cpu: AMD EPYC 9V74 80-Core Processor                
                            │ baseline-bench.txt │       benchmark-results.txt        │
                            │       sec/op       │    sec/op     vs base              │
InterpreterCreation-4              10.762m ± 63%   9.934m ± 70%  -7.70% (p=0.041 n=6)
ComponentLoad-4                     3.494m ±  0%   3.468m ±  8%       ~ (p=0.394 n=6)
ComponentExecute-4                  1.819µ ±  1%   1.845µ ±  2%       ~ (p=0.087 n=6)
PoolContention/workers-1-4          1.019µ ±  2%   1.040µ ±  3%  +2.11% (p=0.024 n=6)
PoolContention/workers-2-4          1.016µ ±  2%   1.029µ ±  4%       ~ (p=0.132 n=6)
PoolContention/workers-4-4          1.016µ ±  1%   1.012µ ±  1%       ~ (p=0.210 n=6)
PoolContention/workers-8-4          1.020µ ±  1%   1.008µ ±  2%       ~ (p=0.169 n=6)
PoolContention/workers-16-4         1.019µ ±  1%   1.010µ ±  1%  -0.88% (p=0.017 n=6)
ComponentLifecycle-4                3.557m ±  1%   3.463m ±  0%  -2.64% (p=0.002 n=6)
SourceValidation-4                  2.121µ ±  1%   2.081µ ±  0%  -1.86% (p=0.002 n=6)
RegistryConcurrent-4                756.6n ±  4%   739.1n ±  3%       ~ (p=0.143 n=6)
LoaderLoadFromString-4              3.666m ±  3%   3.492m ±  1%  -4.74% (p=0.002 n=6)
geomean                             18.46µ         18.18µ        -1.51%

                            │ baseline-bench.txt │        benchmark-results.txt         │
                            │        B/op        │     B/op      vs base                │
InterpreterCreation-4               2.027Mi ± 0%   2.027Mi ± 0%       ~ (p=0.485 n=6)
ComponentLoad-4                     2.180Mi ± 0%   2.180Mi ± 0%       ~ (p=0.065 n=6)
ComponentExecute-4                  1.203Ki ± 0%   1.203Ki ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-1-4          1.203Ki ± 0%   1.203Ki ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-2-4          1.203Ki ± 0%   1.203Ki ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-4-4          1.203Ki ± 0%   1.203Ki ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-8-4          1.203Ki ± 0%   1.203Ki ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-16-4         1.203Ki ± 0%   1.203Ki ± 0%       ~ (p=1.000 n=6) ¹
ComponentLifecycle-4                2.183Mi ± 0%   2.183Mi ± 0%       ~ (p=0.818 n=6)
SourceValidation-4                  1.984Ki ± 0%   1.984Ki ± 0%       ~ (p=1.000 n=6) ¹
RegistryConcurrent-4                1.133Ki ± 0%   1.133Ki ± 0%       ~ (p=1.000 n=6) ¹
LoaderLoadFromString-4              2.182Mi ± 0%   2.182Mi ± 0%       ~ (p=0.368 n=6)
geomean                             15.25Ki        15.25Ki       -0.00%
¹ all samples are equal

                            │ baseline-bench.txt │        benchmark-results.txt        │
                            │     allocs/op      │  allocs/op   vs base                │
InterpreterCreation-4                15.68k ± 0%   15.68k ± 0%       ~ (p=1.000 n=6)
ComponentLoad-4                      18.02k ± 0%   18.02k ± 0%       ~ (p=1.000 n=6)
ComponentExecute-4                    25.00 ± 0%    25.00 ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-1-4            25.00 ± 0%    25.00 ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-2-4            25.00 ± 0%    25.00 ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-4-4            25.00 ± 0%    25.00 ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-8-4            25.00 ± 0%    25.00 ± 0%       ~ (p=1.000 n=6) ¹
PoolContention/workers-16-4           25.00 ± 0%    25.00 ± 0%       ~ (p=1.000 n=6) ¹
ComponentLifecycle-4                 18.07k ± 0%   18.07k ± 0%       ~ (p=1.000 n=6) ¹
SourceValidation-4                    32.00 ± 0%    32.00 ± 0%       ~ (p=1.000 n=6) ¹
RegistryConcurrent-4                  2.000 ± 0%    2.000 ± 0%       ~ (p=1.000 n=6) ¹
LoaderLoadFromString-4               18.06k ± 0%   18.06k ± 0%       ~ (p=1.000 n=6) ¹
geomean                               183.3         183.3       +0.00%
¹ all samples are equal

pkg: github.com/GoCodeAlone/workflow/middleware
                                  │ baseline-bench.txt │       benchmark-results.txt        │
                                  │       sec/op       │    sec/op     vs base              │
CircuitBreakerDetection-4                 303.1n ± 19%   305.6n ± 12%       ~ (p=0.937 n=6)
CircuitBreakerExecution_Success-4         22.68n ±  0%   22.68n ±  1%       ~ (p=0.790 n=6)
CircuitBreakerExecution_Failure-4         71.01n ±  1%   70.91n ±  0%  -0.13% (p=0.006 n=6)
geomean                                   78.74n         78.91n        +0.21%

                                  │ baseline-bench.txt │       benchmark-results.txt        │
                                  │        B/op        │    B/op     vs base                │
CircuitBreakerDetection-4                 144.0 ± 0%     144.0 ± 0%       ~ (p=1.000 n=6) ¹
CircuitBreakerExecution_Success-4         0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
CircuitBreakerExecution_Failure-4         0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
geomean                                              ²               +0.00%               ²
¹ all samples are equal
² summaries must be >0 to compute geomean

                                  │ baseline-bench.txt │       benchmark-results.txt        │
                                  │     allocs/op      │ allocs/op   vs base                │
CircuitBreakerDetection-4                 1.000 ± 0%     1.000 ± 0%       ~ (p=1.000 n=6) ¹
CircuitBreakerExecution_Success-4         0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
CircuitBreakerExecution_Failure-4         0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
geomean                                              ²               +0.00%               ²
¹ all samples are equal
² summaries must be >0 to compute geomean

pkg: github.com/GoCodeAlone/workflow/module
                                 │ baseline-bench.txt │       benchmark-results.txt        │
                                 │       sec/op       │    sec/op     vs base              │
IaCStateBackend_InProcess-4              334.0n ± 16%   316.8n ± 17%       ~ (p=1.000 n=6)
IaCStateBackend_GRPC-4                   10.26m ±  2%   10.17m ± 21%       ~ (p=0.485 n=6)
JQTransform_Simple-4                     692.7n ± 36%   671.9n ± 28%       ~ (p=0.310 n=6)
JQTransform_ObjectConstruction-4         1.513µ ±  2%   1.491µ ±  5%  -1.49% (p=0.028 n=6)
JQTransform_ArraySelect-4                3.595µ ±  2%   3.602µ ±  1%       ~ (p=0.786 n=6)
JQTransform_Complex-4                    43.51µ ±  1%   43.13µ ±  1%  -0.88% (p=0.004 n=6)
JQTransform_Throughput-4                 1.858µ ±  2%   1.754µ ±  4%  -5.60% (p=0.002 n=6)
SSEPublishDelivery-4                     64.68n ±  1%   65.36n ±  2%  +1.06% (p=0.015 n=6)
geomean                                  4.015µ         3.935µ        -2.00%

                                 │ baseline-bench.txt │         benchmark-results.txt         │
                                 │        B/op        │     B/op       vs base                │
IaCStateBackend_InProcess-4             416.0 ±  0%       416.0 ±  0%       ~ (p=1.000 n=6) ¹
IaCStateBackend_GRPC-4                5.692Mi ± 12%     5.734Mi ± 12%       ~ (p=0.699 n=6)
JQTransform_Simple-4                  1.273Ki ±  0%     1.273Ki ±  0%       ~ (p=1.000 n=6) ¹
JQTransform_ObjectConstruction-4      1.773Ki ±  0%     1.773Ki ±  0%       ~ (p=1.000 n=6) ¹
JQTransform_ArraySelect-4             2.625Ki ±  0%     2.625Ki ±  0%       ~ (p=1.000 n=6) ¹
JQTransform_Complex-4                 16.31Ki ±  0%     16.31Ki ±  0%       ~ (p=1.000 n=6) ¹
JQTransform_Throughput-4              1.984Ki ±  0%     1.984Ki ±  0%       ~ (p=1.000 n=6) ¹
SSEPublishDelivery-4                    0.000 ±  0%       0.000 ±  0%       ~ (p=1.000 n=6) ¹
geomean                                             ²                  +0.09%               ²
¹ all samples are equal
² summaries must be >0 to compute geomean

                                 │ baseline-bench.txt │        benchmark-results.txt        │
                                 │     allocs/op      │  allocs/op   vs base                │
IaCStateBackend_InProcess-4              2.000 ± 0%      2.000 ± 0%       ~ (p=1.000 n=6) ¹
IaCStateBackend_GRPC-4                  6.854k ± 0%     6.856k ± 0%       ~ (p=0.734 n=6)
JQTransform_Simple-4                     10.00 ± 0%      10.00 ± 0%       ~ (p=1.000 n=6) ¹
JQTransform_ObjectConstruction-4         15.00 ± 0%      15.00 ± 0%       ~ (p=1.000 n=6) ¹
JQTransform_ArraySelect-4                30.00 ± 0%      30.00 ± 0%       ~ (p=1.000 n=6) ¹
JQTransform_Complex-4                    328.0 ± 0%      328.0 ± 0%       ~ (p=1.000 n=6) ¹
JQTransform_Throughput-4                 17.00 ± 0%      17.00 ± 0%       ~ (p=1.000 n=6) ¹
SSEPublishDelivery-4                     0.000 ± 0%      0.000 ± 0%       ~ (p=1.000 n=6) ¹
geomean                                             ²                +0.00%               ²
¹ all samples are equal
² summaries must be >0 to compute geomean

pkg: github.com/GoCodeAlone/workflow/schema
                                    │ baseline-bench.txt │       benchmark-results.txt       │
                                    │       sec/op       │   sec/op     vs base              │
SchemaValidation_Simple-4                   1.110µ ± 14%   1.080µ ± 4%       ~ (p=0.089 n=6)
SchemaValidation_AllFields-4                1.653µ ±  4%   1.636µ ± 2%       ~ (p=0.223 n=6)
SchemaValidation_FormatValidation-4         1.564µ ±  2%   1.557µ ± 2%       ~ (p=0.513 n=6)
SchemaValidation_ManySchemas-4              1.604µ ±  2%   1.613µ ± 2%       ~ (p=0.310 n=6)
geomean                                     1.465µ         1.451µ       -0.92%

                                    │ baseline-bench.txt │       benchmark-results.txt        │
                                    │        B/op        │    B/op     vs base                │
SchemaValidation_Simple-4                   0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
SchemaValidation_AllFields-4                0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
SchemaValidation_FormatValidation-4         0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
SchemaValidation_ManySchemas-4              0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
geomean                                                ²               +0.00%               ²
¹ all samples are equal
² summaries must be >0 to compute geomean

                                    │ baseline-bench.txt │       benchmark-results.txt        │
                                    │     allocs/op      │ allocs/op   vs base                │
SchemaValidation_Simple-4                   0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
SchemaValidation_AllFields-4                0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
SchemaValidation_FormatValidation-4         0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
SchemaValidation_ManySchemas-4              0.000 ± 0%     0.000 ± 0%       ~ (p=1.000 n=6) ¹
geomean                                                ²               +0.00%               ²
¹ all samples are equal
² summaries must be >0 to compute geomean

pkg: github.com/GoCodeAlone/workflow/store
                                   │ baseline-bench.txt │       benchmark-results.txt        │
                                   │       sec/op       │    sec/op     vs base              │
EventStoreAppend_InMemory-4                1.034µ ± 35%   1.213µ ±  8%       ~ (p=0.394 n=6)
EventStoreAppend_SQLite-4                  1.007m ±  3%   1.084m ±  5%  +7.58% (p=0.002 n=6)
GetTimeline_InMemory/events-10-4           13.26µ ±  4%   13.18µ ±  6%       ~ (p=0.589 n=6)
GetTimeline_InMemory/events-50-4           72.02µ ±  2%   72.41µ ±  5%       ~ (p=0.589 n=6)
GetTimeline_InMemory/events-100-4          148.4µ ± 25%   125.3µ ± 16%       ~ (p=0.065 n=6)
GetTimeline_InMemory/events-500-4          567.4µ ±  1%   568.6µ ±  3%       ~ (p=0.180 n=6)
GetTimeline_InMemory/events-1000-4         1.150m ±  1%   1.143m ±  0%  -0.63% (p=0.026 n=6)
GetTimeline_SQLite/events-10-4             86.18µ ±  2%   84.99µ ±  1%  -1.38% (p=0.009 n=6)
GetTimeline_SQLite/events-50-4             225.1µ ±  1%   220.2µ ±  1%  -2.18% (p=0.002 n=6)
GetTimeline_SQLite/events-100-4            390.4µ ±  1%   395.0µ ±  1%  +1.16% (p=0.009 n=6)
GetTimeline_SQLite/events-500-4            1.695m ±  3%   1.669m ±  1%  -1.53% (p=0.015 n=6)
GetTimeline_SQLite/events-1000-4           3.315m ±  2%   3.250m ±  1%  -1.97% (p=0.002 n=6)
geomean                                    200.0µ         200.0µ        -0.01%

                                   │ baseline-bench.txt │        benchmark-results.txt         │
                                   │        B/op        │     B/op      vs base                │
EventStoreAppend_InMemory-4                 751.0 ± 14%     801.0 ± 9%       ~ (p=0.128 n=6)
EventStoreAppend_SQLite-4                 1.985Ki ±  2%   1.984Ki ± 1%       ~ (p=0.721 n=6)
GetTimeline_InMemory/events-10-4          7.953Ki ±  0%   7.953Ki ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-50-4          46.62Ki ±  0%   46.62Ki ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-100-4         94.48Ki ±  0%   94.48Ki ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-500-4         472.8Ki ±  0%   472.8Ki ± 0%       ~ (p=1.000 n=6)
GetTimeline_InMemory/events-1000-4        944.3Ki ±  0%   944.3Ki ± 0%       ~ (p=1.000 n=6)
GetTimeline_SQLite/events-10-4            16.74Ki ±  0%   16.74Ki ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-50-4            87.14Ki ±  0%   87.14Ki ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-100-4           175.4Ki ±  0%   175.4Ki ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-500-4           846.1Ki ±  0%   846.1Ki ± 0%       ~ (p=0.177 n=6)
GetTimeline_SQLite/events-1000-4          1.639Mi ±  0%   1.639Mi ± 0%       ~ (p=1.000 n=6)
geomean                                   67.06Ki         67.42Ki       +0.53%
¹ all samples are equal

                                   │ baseline-bench.txt │        benchmark-results.txt        │
                                   │     allocs/op      │  allocs/op   vs base                │
EventStoreAppend_InMemory-4                  7.000 ± 0%    7.000 ± 0%       ~ (p=1.000 n=6) ¹
EventStoreAppend_SQLite-4                    53.00 ± 0%    53.00 ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-10-4             125.0 ± 0%    125.0 ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-50-4             653.0 ± 0%    653.0 ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-100-4           1.306k ± 0%   1.306k ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-500-4           6.514k ± 0%   6.514k ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_InMemory/events-1000-4          13.02k ± 0%   13.02k ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-10-4               382.0 ± 0%    382.0 ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-50-4              1.852k ± 0%   1.852k ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-100-4             3.681k ± 0%   3.681k ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-500-4             18.54k ± 0%   18.54k ± 0%       ~ (p=1.000 n=6) ¹
GetTimeline_SQLite/events-1000-4            37.29k ± 0%   37.29k ± 0%       ~ (p=1.000 n=6) ¹
geomean                                     1.162k        1.162k       +0.00%
¹ all samples are equal

Benchmarks run with go test -bench=. -benchmem -count=6.
Regressions ≥ 20% are flagged. Results compared via benchstat.

@codecov
Copy link
Copy Markdown

codecov Bot commented Jun 1, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@intel352 intel352 merged commit 62b1fa2 into main Jun 1, 2026
23 checks passed
@intel352 intel352 deleted the issue-825-redact-auth branch June 1, 2026 23:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Pipeline debug logs expose Authorization bearer tokens

2 participants

@intel352