Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: centralized sanitation #4446

Merged
merged 2 commits into from Sep 7, 2019
Merged

feat: centralized sanitation #4446

merged 2 commits into from Sep 7, 2019

Conversation

rarkins
Copy link
Collaborator

@rarkins rarkins commented Sep 7, 2019

Adds a sanitize function to host-rules that redacts tokens and passwords from issues and PRs.

Closes #4444

@rarkins
Revert "fix: remove artifact error content from PR comments"
149d5f6 
This reverts commit ab12ac9.
@rarkins
feat: sanitize secrets centrally
b876046 
Adds a sanitize function to host-rules that redacts tokens and passwords from issues and PRs.

Closes #4444
@rarkins rarkins merged commit 95d54ba into master Sep 7, 2019
@rarkins rarkins deleted the feat/sanitize branch September 7, 2019 12:51
@renovate-bot
Copy link
Collaborator

🎉 This PR is included in version 19.39.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

viceice
viceice reviewed Sep 7, 2019
View reviewed changes
lib/platform/github/index.ts
try {
const comments = await getComments(issueNo);
let body: string;
let commentId: number | null = null;
let commentNeedsUpdating = false;
if (topic) {
logger.debug(`Ensuring comment "${topic}" in #${issueNo}`);
body = `### ${topic}\n\n${content}`;
body = hostRules.sanitize(`### ${topic}\n\n${content}`);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Duplicate sanitize?

lib/platform/github/index.ts
logger.debug(`updatePr(${prNo}, ${title}, body)`);
const body = rawBody ? hostRules.sanitize(rawBody) : null;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hostRules.sanitize already checks for null

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

body string should be removed from log.

do we need to rename params? Can we simply move the sanitize to the if below?

lib/util/host-rules.ts
secrets.push(secret);
});
if (params.username && params.password) {
const secret = Buffer.from(
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should move this to a util function, because i've seen this on some more places.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 16, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@viceice viceice viceice left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add centralized secret sanitation
3 participants
@rarkins @renovate-bot @viceice