Add config flag for GDPR compliance. Remove last octet from ips in request-logs accordingly.

[FloThinksPi]

A short explanation of the proposed change:

IP Adresses now get their last octet cut of and replaced by 0 if the
new config option logging.gdpr_compliant is true. E.g 192.168.1.80
will be logged as 192.168.1.0 which provides sufficent anonymization
to comply with european data protection regulations.

If the flag is false or not present, CC will have the old behaviour
which means logging the full ips.

This flag can also be used in other places that one may find needs
adoptions to comply to EU GDPR.

An explanation of the use cases your change solves

It provides a way to comply to the european data protection regulations.
All EU Customers of Pivotal that save their logs would benefit from this change.
The IP is specifically called as Personal information: https://gdpr.eu/recital-30-online-identifiers-for-profiling-and-identification/
So either one has to:

• Not save it at all
• Request formal approval from all users for saving their ips
• Anonymise the IP so it can not be tracked down to an individual

This change enables customers to use the third option as the first ones are not practicable.

Links to any other associated PRs

Followup of: #1575
Issue: #1568
Slack discussion: https://cloudfoundry.slack.com/archives/C07C04W4Q/p1584635872138900

• I have reviewed the contributing guide

• I have viewed, signed, and submitted the Contributor License Agreement

• I have made this pull request to the master branch

• I have run all the unit tests using bundle exec rake

• I have run CF Acceptance Tests
  Could not get CATS to run(having no bosh-lite atm). Would be thankful if some pivot can run it against one of you bosh-lites.

[cf-gitbot]

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/171974450

The labels on this github issue will be updated when the story is started.

[linux-foundation-easycla]

The committers are authorized under a signed CLA.

• ✅ Florian Braun (e155977, ad69da1)

[selzoc]

This looks like it'll only work with ipv4 - maybe worth looking into a gem that also supports ipv6 to do this as many folks are probably anonymizing IP addresses in ruby for gdpr compliance. (I found https://github.com/ankane/ip_anonymizer after a brief search)

[selzoc]

I would probably also favor this construct over a ternary:

ip = if VCAP::CloudController::Config.config.get(:logging, :gdpr_compliant)
         <redact ip>
      else
        <unredacted-ip>

[FloThinksPi]

@selzoc Thank you for the hint. We changed the implementation quite a bit to allow for v6 adresses. We ditched third party libs to not introduce new dependencies as the task is quite simple to adress with the stdlib of ruby. Also using you recommendation for the variable assignment : ).

If we find we need this in other parts of the CC we will think of pulling the code to anonymize the ip out, somwhere else to make it reusable. For now i think we are good keeping it in request_logs.

[selzoc]

I still think it would be clearer to pull it out into a function. But yeah I guess no need for a gem!

[FloThinksPi]

@selzoc as i am still not that familiar with the codebase, where would such a function be placed in the coding ? Maybe lib/utils ?

[selzoc]

I just meant extracting lines 15-24 into a function within the same class, just to clean up the call function a bit.

[FloThinksPi]

Done : )

[FloThinksPi]

@selzoc can you review again, also squashed all changes into one commit so history is more clean once merged.

[selzoc]

LGTM! 👍

[aashah]

Thanks for the PR!