Release 2024.2.0.0-b41: [BACKPORT 2024.2][PLAT-15307]fix sensitive info leaks via Gflags · yugabyte/yugabyte-db

2024.2.0.0-b41
24a13d6
Choose a tag to compare

Filter

View all tags

2024.2.0.0-b41: [BACKPORT 2024.2][PLAT-15307]fix sensitive info leaks via Gflags

2024.2.0.0-b41
24a13d6
Choose a tag to compare

Filter

View all tags

asharma-yb tagged this 07 Oct 04:56

Summary:
Original commit: 79a00fd3ba72828d2d42b33b7c7f9b81efd44bcc/D38034

We were leaking sensitive info via gflag values in YBA log. Changes in java and python layer to fix the leaks.

Also added changes to parse sensitive gflags from all db releases present locally.
The flags are parsed once per release and then cached in the yugaware pg for later use.

Test Plan:
Verified manually that all the occurences of the sensitive gflags in logs have value redacted.

Verified that sensitive gflags are updated for new releases upon import.

Reviewers: #yba-api-review!, amalyshev, vbansal

Reviewed By: amalyshev

Subscribers: yugaware, hsunder, sanketh

Differential Revision: https://phorge.dev.yugabyte.com/D38707

Assets 2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Uh oh!