-
Notifications
You must be signed in to change notification settings - Fork 38.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove apf_fd from httplog #108631
Remove apf_fd from httplog #108631
Conversation
Since flowDistinguisher may hold data identifying a user accessing the cluster this can be a source of a PII leak.
Thanks - yes, I think it's necessary as we don't want leaking PII in logs. But I want to give others time to react. |
/retest |
Agreed
is the flow distinguisher always derivable from the FlowSchema? if so, we already log the flow schema, so don't really need the flow distinguisher, right? |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jupblb, liggitt The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
It's not - it's a hash of proper field from the object (more-or-less) - we have two methods:
|
sorry, I skipped my inner dialogue... I was thinking it would be useful to know the flow distinguisher type (user or namespace), so we could consider logging just that that led to my question about whether the flow distinguisher type was always 1:1 with the flow schema, which we're already logging |
Yes - that is 1:1 with schema, so we know that (assuming that we know the current state of FS, which isn't obvious if we're debugging past state). |
that's a good point. if we want to reintroduce the distinguisher type in logging in a follow-up, that might be useful |
/triage accepted |
…31-upstream-release-1.23 Automated cherry pick of #108631: Remove apf_fd from httplog
What type of PR is this?
/kind bug
What this PR does / why we need it:
Since flowDistinguisher may hold data identifying a user accessing the cluster this can be a source of a PII leak. We should remove this from the httplog for now until a better solution can be found.
Which issue(s) this PR fixes:
N/A
Special notes for your reviewer:
The code responsible for logging this information was added in: #104359 /cc @mborsz
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: