Permalink
Browse files

BGBUILD-178: Remove sensitive data from logs

  • Loading branch information...
goldmann committed Mar 5, 2011
1 parent 23ed376 commit 14901be2c53ecece75c596b27af8c28a1c479dec
View
@@ -7,6 +7,7 @@ v0.9.0
* [BGBUILD-81] post command execution w/ setarch breaks commands which are scripts
* [BGBUILD-173] Include setarch package in default package list for RPM-based OSes
* [BGBUILD-177] Fedora 13 builds have enabled firewall although they shouldn't have it
+* [BGBUILD-178] Remove sensitive data from logs
v0.8.1
@@ -84,7 +84,7 @@ def execute_plugin_chain
def create
@log.debug "Launching new BoxGrinder build..."
- @log.trace "Used configuration: #{@config.to_yaml}"
+ @log.trace "Used configuration: #{@config.to_yaml.gsub(/(\S*(key|account|cert)\S*).*:(.*)/, '\1' + ": <REDACTED>")}"
PluginHelper.new(@config, :log => @log).load_plugins
read_definition
@@ -162,7 +162,7 @@ def bundle_image(deliverables)
FileUtils.mkdir_p(@ami_build_dir)
- @exec_helper.execute("euca-bundle-image --ec2cert #{File.dirname(__FILE__)}/src/cert-ec2.pem -i #{deliverables[:disk]} --kernel #{REGION_OPTIONS[@plugin_config['region']][:kernel][@appliance_config.hardware.base_arch][:aki]} -c #{@plugin_config['cert_file']} -k #{@plugin_config['key_file']} -u #{@plugin_config['account_number']} -r #{@appliance_config.hardware.base_arch} -d #{@ami_build_dir}")
+ @exec_helper.execute("euca-bundle-image --ec2cert #{File.dirname(__FILE__)}/src/cert-ec2.pem -i #{deliverables[:disk]} --kernel #{REGION_OPTIONS[@plugin_config['region']][:kernel][@appliance_config.hardware.base_arch][:aki]} -c #{@plugin_config['cert_file']} -k #{@plugin_config['key_file']} -u #{@plugin_config['account_number']} -r #{@appliance_config.hardware.base_arch} -d #{@ami_build_dir}", :redacted => [@plugin_config['account_number'], @plugin_config['key_file'], @plugin_config['cert_file']])
@log.info "Bundling AMI finished."
end
@@ -171,7 +171,7 @@ def upload_image(ami_dir)
bucket # this will create the bucket if needed
@log.info "Uploading #{@appliance_config.name} AMI to bucket '#{@plugin_config['bucket']}'..."
- @exec_helper.execute("euca-upload-bundle -U #{@plugin_config['url'].nil? ? "http://#{REGION_OPTIONS[@plugin_config['region']][:endpoint]}" : @plugin_config['url']} -b #{@plugin_config['bucket']}/#{ami_dir} -m #{@ami_manifest} -a #{@plugin_config['access_key']} -s #{@plugin_config['secret_access_key']}")
+ @exec_helper.execute("euca-upload-bundle -U #{@plugin_config['url'].nil? ? "http://#{REGION_OPTIONS[@plugin_config['region']][:endpoint]}" : @plugin_config['url']} -b #{@plugin_config['bucket']}/#{ami_dir} -m #{@ami_manifest} -a #{@plugin_config['access_key']} -s #{@plugin_config['secret_access_key']}", :redacted => [@plugin_config['access_key'], @plugin_config['secret_access_key']])
end
def register_image(ami_manifest_key)
@@ -239,4 +239,4 @@ def s3_object_exists?(path)
end
end
-plugin :class => BoxGrinder::S3Plugin, :type => :delivery, :name => :s3, :full_name => "Amazon Simple Storage Service (Amazon S3)", :types => [:s3, :cloudfront, :ami]
+plugin :class => BoxGrinder::S3Plugin, :type => :delivery, :name => :s3, :full_name => "Amazon Simple Storage Service (Amazon S3)", :types => [:s3, :cloudfront, :ami]
@@ -14,16 +14,16 @@ Source0: http://rubygems.org/gems/%{gemname}-%{version}.gem
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
Requires: ruby(abi) = %{rubyabi}
-Requires: rubygem(boxgrinder-core) >= 0.2.1
-Requires: rubygem(boxgrinder-core) < 0.3.0
+Requires: rubygem(boxgrinder-core) >= 0.3.0
+Requires: rubygem(boxgrinder-core) < 0.4.0
Requires: ruby-libguestfs
Requires: parted
Requires: e2fsprogs
BuildRequires: rubygem(rake)
BuildRequires: rubygem(rspec)
-BuildRequires: rubygem(boxgrinder-core) >= 0.2.1
-BuildRequires: rubygem(boxgrinder-core) < 0.3.0
+BuildRequires: rubygem(boxgrinder-core) >= 0.3.0
+BuildRequires: rubygem(boxgrinder-core) < 0.4.0
BuildRequires: rubygem(echoe)
BuildRequires: ruby-libguestfs
@@ -145,6 +145,7 @@ popd
- [BGBUILD-81] post command execution w/ setarch breaks commands which are scripts
- [BGBUILD-173] Include setarch package in default package list for RPM-based OSes
- [BGBUILD-177] Fedora 13 builds have enabled firewall although they shouldn't have it
+- [BGBUILD-178] Remove sensitive data from logs
* Tue Feb 16 2011 <mgoldman@redhat.com> - 0.8.1-1
- Upstream release: 0.8.1

0 comments on commit 14901be

Please sign in to comment.