Whitelist env logging; use full env only when TIUP_CLUSTER_DEBUG is true#2637
Merged
xhebox merged 3 commits intopingcap:masterfrom Nov 7, 2025
Merged
Whitelist env logging; use full env only when TIUP_CLUSTER_DEBUG is true#2637xhebox merged 3 commits intopingcap:masterfrom
xhebox merged 3 commits intopingcap:masterfrom
Conversation
Contributor
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
Contributor
|
Welcome @mzhang77! It looks like this is your first PR to pingcap/tiup 🎉 |
|
|
ti-chi-bot
Bot
added
the
size/S
…ze EnvList in environment; refactor callers
ti-chi-bot
Bot
added
size/M
mzhang77
changed the title
xhebox
approved these changes
Nov 7, 2025
Contributor
[LGTM Timeline notifier]Timeline:
|
xhebox
added a commit
that referenced
this pull request
Nov 24, 2025
* pkg/set: convert check to require (#2557) * meta: replace pingcap/check with testing (#2559) * embed: replace pingcap/check with testing (#2555) * base52: replace pingcap/check with testing (#2556) * localdata: replace pingcap/check with testing (#2561) * utils: replace pingcap/check with testing (#2562) * telemetry: remove (#2564) * Telemetry removal * Remove left over teleCommand * repo: exclude prerelease version from version list if possible (#2550) Signed-off-by: xhe <xw897002528@gmail.com> * repo: abstract v1repoapi as interface (#2542) * env: clean up old code Signed-off-by: xhe <xw897002528@gmail.com> * repo: leverage all apis into v1_repository Signed-off-by: xhe <xw897002528@gmail.com> * repo: abstract it as an interface Signed-off-by: xhe <xw897002528@gmail.com> * clean the remained part Signed-off-by: xhe <xw897002528@gmail.com> * rename to LocalComponentInstalled Signed-off-by: xhe <xw897002528@gmail.com> * update Signed-off-by: xhe <xw897002528@gmail.com> * try fix Signed-off-by: xhe <xw897002528@gmail.com> * g Signed-off-by: xhe <xw897002528@gmail.com> * try fix Signed-off-by: xhe <xw897002528@gmail.com> * g Signed-off-by: xhe <xw897002528@gmail.com> * g Signed-off-by: xhe <xw897002528@gmail.com> * g Signed-off-by: xhe <xw897002528@gmail.com> --------- Signed-off-by: xhe <xw897002528@gmail.com> * cluster: also check exporter ports (#2563) Signed-off-by: xhe <xw897002528@gmail.com> * cluster: improve SELinux compatibility (#2501) * cluster: improve SELinux compatibility * fixup * cluster: update --ssh desc (#2380) * Update --ssh desc * Update components/cluster/command/root.go --------- Co-authored-by: xhe <xw897002528@gmail.com> * cluster: add stop/start timeout for systemd service (#2568) Signed-off-by: xhe <xw897002528@gmail.com> * *: move insight to tiup (#2553) * Move insight to tiup * Fix linting issues * Fix unused/gocritic/staticcheck issues * *: check_to_require for cluster (#2566) * check_to_require: cluster * Restore TestCountDirMultiPath --------- Co-authored-by: xhe <xw897002528@gmail.com> * *: update dmpb (#2569) * Update dmpb * Remove dm grpc gw * *: replace otiai10/copy with os.CopyFS (#2571) * ci: add staging mirror option to release workflow (#2576) * ci: fix STAGING version competition (#2579) * playground: fix config typo (#2578) Signed-off-by: Ryan Leung <rleungx@gmail.com> * ci: add ci for feature branch (#2577) Signed-off-by: Lloyd-Pottiger <yan1579196623@gmail.com> * ci: fix staging version string (#2582) * ci: fix STAGING version competition * ci: replace slashes with dots in branch name for STAGING_VER * Apply suggestion from @wuhuizuo * playground: fix tiflash metric (#2587) Signed-off-by: Lloyd-Pottiger <yan1579196623@gmail.com> * *: Replace github.com/alecthomas/assert with github.com/stretchr/testify/require (#2570) * Switch from yaml.v2 to yaml.v3 (#2558) * Switch from yaml.v2 to yaml.v3 * Use KnownFields * Use KnowFields for a few more places that previously had UnmarshalStrict * Fix issues found by make check * Formatting differences in yaml * update * fix CI Signed-off-by: xhe <xw897002528@gmail.com> --------- Signed-off-by: xhe <xw897002528@gmail.com> Co-authored-by: xhe <xw897002528@gmail.com> * cluster: support new ready api for PD (#2592) * cluster: support new ready api for PD Signed-off-by: xhe <xw897002528@gmail.com> * try fix Signed-off-by: xhe <xw897002528@gmail.com> * try fix Signed-off-by: xhe <xw897002528@gmail.com> --------- Signed-off-by: xhe <xw897002528@gmail.com> * cluster: clear leader_priority for pd leader if exist (#2591) * cluster: clear leader_priority for pd leader if exist Signed-off-by: xhe <xw897002528@gmail.com> * fix Signed-off-by: xhe <xw897002528@gmail.com> --------- Signed-off-by: xhe <xw897002528@gmail.com> * cluster: prompt for instance restart (#2513) * cluster: prompt for instance restart * Add comment * fixup * fixup * Split precheck from Upgrade * bump version to 1.16.3 (#2593) Signed-off-by: xhe <xw897002528@gmail.com> * *: Modernize (#2574) * cluster: prevent panic when the operation is not upgrade (#2598) Signed-off-by: xhe <xw897002528@gmail.com> * *: fix unclosed mirror (#2607) * *: fix unclosed mirror Signed-off-by: xhe <xw897002528@gmail.com> * fix Signed-off-by: xhe <xw897002528@gmail.com> --------- Signed-off-by: xhe <xw897002528@gmail.com> * playground: prepare code for nextgen support (#2608) * playground: prepare code for nextgen support Signed-off-by: xhe <xw897002528@gmail.com> * fix tikv Signed-off-by: xhe <xw897002528@gmail.com> * fix CI Signed-off-by: xhe <xw897002528@gmail.com> * fix CI Signed-off-by: xhe <xw897002528@gmail.com> --------- Signed-off-by: xhe <xw897002528@gmail.com> * playground: add support for nextgen (#2619) * playground: add support for nextgen Signed-off-by: xhe <xw897002528@gmail.com> * s Signed-off-by: xhe <xw897002528@gmail.com> --------- Signed-off-by: xhe <xw897002528@gmail.com> * playground: hack around nextgen version resolve (#2621) Signed-off-by: xhe <xw897002528@gmail.com> * playground: fix monitor version for nextgen (#2622) Signed-off-by: xhe <xw897002528@gmail.com> * Remove ansible import functionality (#2565) * Remove ansible import functionality * update go.sum * playground: rename tidb-nextgen to tidb-x (#2623) * playground: rename tidb-nextgen to tidb-x Signed-off-by: xhe <xw897002528@gmail.com> * fix lint Signed-off-by: xhe <xw897002528@gmail.com> * fix lint Signed-off-by: xhe <xw897002528@gmail.com> --------- Signed-off-by: xhe <xw897002528@gmail.com> * repository: delete temporary dir for downloading (#2626) Signed-off-by: xhe <xw897002528@gmail.com> * utils: Make UserHome() respect the HOME env variable (#2624) * Fix minor typos (#2601) * bump to v1.16.4 (#2627) Signed-off-by: xhe <xw897002528@gmail.com> * *: do not trigger release for release-x branch (#2629) * playground,cluster: respect HOME env variable (#2628) * playground,cluster: respect HOME env variable * fix import * Update golang.org/x/net (#2631) * tiup: fix recording of execution history (#2635) * Fix recording of execution history * Improve filtering of sensitive info and add tests * Add test for dumpling style password * hide sensitive dmctl info from execution history * Add redaction of sensitive info in URLs * Fix function name * Add test to increase coverage * Also strip access-key from S3 URIs * fix test Signed-off-by: xhe <xw897002528@gmail.com> --------- Signed-off-by: xhe <xw897002528@gmail.com> Co-authored-by: xhe <xw897002528@gmail.com> * *: use full env only when TIUP_CLUSTER_DEBUG is true (#2637) * logger: use TIUP_CLUSTER_DEBUG to set zap level (default INFO) * env printing: whitelist in non-debug; full env in DebugMode; centralize EnvList in environment; refactor callers * docs: clarify EnvList reference to pkg/environment/env.go for env visibility control * Switch to codecov-action (#2639) * playground: refine nextgen version resolve (#2640) * playground: refine nextgen version resolve Signed-off-by: xhe <xw897002528@gmail.com> * g Signed-off-by: xhe <xw897002528@gmail.com> --------- Signed-off-by: xhe <xw897002528@gmail.com> * CI: update and fix integrate-dm (#2643) * playground: fix metafile location (#2638) * playground: fix metafile location * g Signed-off-by: xhe <xw897002528@gmail.com> --------- Signed-off-by: xhe <xw897002528@gmail.com> Co-authored-by: xhe <xw897002528@gmail.com> * Upgrade usql (#2595) * cluster: fix instance level timeout stop (#2644) Signed-off-by: xhe <xw897002528@gmail.com> * playground: dont request mirror when binpath specified (#2645) * playground: dont request mirror when binpath specified Signed-off-by: xhe <xw897002528@gmail.com> * add tikv worker Signed-off-by: xhe <xw897002528@gmail.com> --------- Signed-off-by: xhe <xw897002528@gmail.com> * playgroud: support tiflash in nextgen (#2641) * playground: refine nextgen version resolve Signed-off-by: xhe <xw897002528@gmail.com> * playgroud: support tiflash Signed-off-by: xhe <xw897002528@gmail.com> * fix version Signed-off-by: xhe <xw897002528@gmail.com> * fix Signed-off-by: xhe <xw897002528@gmail.com> --------- Signed-off-by: xhe <xw897002528@gmail.com> * cluster: cleanup ansible import related things (#2630) * cluster: cleanup ansible import related things * revert back missing code Signed-off-by: xhe <xw897002528@gmail.com> * fix test Signed-off-by: xhe <xw897002528@gmail.com> * remove ansible test Signed-off-by: xhe <xw897002528@gmail.com> --------- Signed-off-by: xhe <xw897002528@gmail.com> Co-authored-by: xhe <xw897002528@gmail.com> * *: cleanup unit test generated data (#2647) * *: add option to force redownload binaries (#2648) Signed-off-by: xhe <xw897002528@gmail.com> * playground: fix nextgen install (#2649) * fix: merge master and fix build errors * fix: resolve merge conflicts and fix build errors * fix: resolve merge conflicts and fix build and linting errors * fix * fix * fix Signed-off-by: Lloyd-Pottiger <yan1579196623@gmail.com> * fix Signed-off-by: Lloyd-Pottiger <yan1579196623@gmail.com> * fix Signed-off-by: Lloyd-Pottiger <yan1579196623@gmail.com> * fix Signed-off-by: Lloyd-Pottiger <yan1579196623@gmail.com> * fix Signed-off-by: Lloyd-Pottiger <yan1579196623@gmail.com> * fix Signed-off-by: Lloyd-Pottiger <yan1579196623@gmail.com> * fix Signed-off-by: Lloyd-Pottiger <yan1579196623@gmail.com> --------- Signed-off-by: xhe <xw897002528@gmail.com> Signed-off-by: Ryan Leung <rleungx@gmail.com> Signed-off-by: Lloyd-Pottiger <yan1579196623@gmail.com> Co-authored-by: Daniël van Eeden <git@myname.nl> Co-authored-by: xhe <xw897002528@gmail.com> Co-authored-by: glkappe <qihang.li@pingcap.com> Co-authored-by: wuhuizuo <wuhuizuo@126.com> Co-authored-by: Ryan Leung <rleungx@gmail.com> Co-authored-by: Otto Kekäläinen <otto@kekalainen.net> Co-authored-by: Michael Zhang <90968483+mzhang77@users.noreply.github.com> Co-authored-by: Allen Zhong <pdev@zhoal.pw>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What problem does this PR solve?
close #2462
What is changed and how it works?
This PR refines how TiUP prints environment variables to avoid unintentionally leaking sensitive host environment information while preserving full debugging capability when needed.
Key changes
• Centralized the list of user-visible environment variables into
pkg/environment/env.go:EnvList as the single source of truth
• Added WhitelistedEnvs() helper to format whitelist output consistently
• Updated TiUP entrypoints (tiup, tiup-cluster, tiup-dm) to:
• Print all environment variables when TIUP_CLUSTER_DEBUG=true
• Print only whitelisted vars otherwise
• Removed obsolete EnvList usage from pkg/localdata
• Improved comments to clearly reference pkg/environment/env.go for future env additions
How it works
• TiUP checks the environment variable TIUP_CLUSTER_DEBUG at startup
(environment.DebugMode)
• If TIUP_CLUSTER_DEBUG=true → print full os.Environ()
• Otherwise → print whitelisted vars from EnvList
• Ensures consistent behavior between tiup env and runtime logs
This preserves full debugging while preventing accidental exposure of unrelated environment variables in normal runs.
Check List
Tests
Code changes
Side effects
Related changes
Release notes: