audit-log: Only capture API method args when asked #8222
| @@ -16,20 +16,26 @@ import ( | ||
| // recorders that that will update the observer and the auditlog | ||
| // recorder when it records a request or reply. The auditlog recorder | ||
| // can be nil. | ||
| -func NewRecorderFactory(observerFactory rpc.ObserverFactory, recorder *auditlog.Recorder) rpc.RecorderFactory { | ||
| +func NewRecorderFactory( | ||
| + captureArgs bool, |
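Review bot: the doc comment above NewRecorderFactory still describes only the observer and the auditlog recorder, so the new captureArgs parameter is undocumented; add a sentence stating what is and is not recorded when it is false. The same comment has a doubled word ("that that will update") in the context lines, which could be fixed while the signature is being changed.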
wallyworld
Dec 14, 2017
Owner
Personal preference, but this arg IMO should go to the end of the param list.
So (factory, record, capture)
It looks icky to see callers go NewRecorderFactory(true, factory, recorder)
Also, we should define consts for RecordArgs and NoRecordArgs and use those instead of true/false
| } | ||
| } | ||
| } | ||
| // combinedRecorder wraps an observer (which might be a multiplexer) | ||
| // up with an auditlog recorder into an rpc.Recorder. | ||
| type combinedRecorder struct { | ||
| - observer rpc.Observer | ||
| - recorder *auditlog.Recorder | ||
| + captureArgs bool |
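Review bot: the new captureArgs field on combinedRecorder has no comment, and the struct comment above it still mentions only the observer and the auditlog recorder. A bool's zero value is false, so if false is meant to be the setting that keeps method arguments out of the audit log, a one-line field comment saying so would make it explicit that a zero-valued combinedRecorder takes the safe path.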

$$merge$$

Status: merge request accepted. Url: http://ci.jujucharms.com/job/github-merge-juju

Looks like AWS killed it? $$merge$$

Build failed: Tests failed

$$merge$$

Status: merge request accepted. Url: http://ci.jujucharms.com/job/github-merge-juju

jujubot merged commit 5d32857 into juju:2.3 Dec 14, 2017
1 check failed: continuous-integration/jenkins/pr-merge (This commit cannot be built)
babbageclunk deleted the babbageclunk:audit-capture-args branch Dec 14, 2017
babbageclunk commented Dec 14, 2017

Description of change

In general we don't think it will be necessary to save the API method arguments in the audit log (because people using it will be more interested in the client commands), and there's some risk of there being secrets in the log. If audit-log-capture-args=true is specified in the controller config then we still capture them, but by default we don't.

QA steps

Bootstrap with --config="auditing-enabled=true". The request messages in the audit log don't include arguments for the API calls.

Bootstrap with --config="auditing-enabled=true" --config="audit-log-capture-args=true". request messages include serialised JSON method parameters.
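
The default-off behaviour from the description, written with named constants in place of a bare true/false as the review comment suggests. This is an added sketch, not code from this pull request or from juju: the Recorder, Request and CaptureArgs types, the facade and method names and the sample parameters are all constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// CaptureArgs is a hypothetical named type used instead of a bare bool.
type CaptureArgs bool

const (
	NoRecordArgs CaptureArgs = false // zero value: arguments are dropped
	RecordArgs   CaptureArgs = true
)

// Request is a constructed audit-log entry, not juju's auditlog type.
type Request struct {
	Facade string `json:"facade"`
	Method string `json:"method"`
	Args   string `json:"args,omitempty"`
}

// Recorder builds audit entries; its zero value never captures arguments.
type Recorder struct{ capture CaptureArgs }

func NewRecorder(capture CaptureArgs) *Recorder { return &Recorder{capture: capture} }

// Entry serialises one API call. Parameters are marshalled only when capture
// was requested, so secrets in them never reach the log by default.
func (r *Recorder) Entry(facade, method string, params interface{}) (string, error) {
	req := Request{Facade: facade, Method: method}
	if r.capture == RecordArgs {
		raw, err := json.Marshal(params)
		if err != nil {
			return "", err
		}
		req.Args = string(raw)
	}
	out, err := json.Marshal(req)
	return string(out), err
}

func main() {
	// Constructed sample call that carries a secret in its parameters.
	params := map[string]string{"user": "bob", "password": "hunter2"}
	for _, c := range []CaptureArgs{NoRecordArgs, RecordArgs} {
		line, _ := NewRecorder(c).Entry("ExampleFacade", "SetSecret", params)
		fmt.Println(line)
	}
}
```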