diff options
author | devcurmudgeon <paul.sherwood@codethink.co.uk> | 2017-01-30 15:38:53 +0000 |
---|---|---|
committer | devcurmudgeon <paul.sherwood@codethink.co.uk> | 2017-01-30 15:38:53 +0000 |
commit | a1b1950ba321a2db44a19c14d3f30022bb9dbfb7 (patch) | |
tree | 1ad5df7c048d55545988e01ddbebba69a83d6881 | |
parent | 078442a99e156425847ee661033cadc4c33703c6 (diff) | |
parent | 2d93e8d4d31e4695f5bad66d6dcca73b9339fb9e (diff) | |
download | ybd-a1b1950ba321a2db44a19c14d3f30022bb9dbfb7.tar.gz |
Merge branch 'ps-fix-250' into 'master'
Fix #250 - don't leak kbas user:pass in logs
Closes #250
See merge request !296
-rw-r--r-- | ybd/app.py | 5 | ||||
-rw-r--r-- | ybd/cache.py | 2 |
2 files changed, 6 insertions, 1 deletions
@@ -18,6 +18,7 @@ import contextlib import datetime import os import fcntl +import re import shutil import sys import warnings @@ -114,6 +115,8 @@ def log_env(log, env, message=''): with open(log, "a") as logfile: for key in sorted(env): msg = env[key] if 'PASSWORD' not in key else '(hidden)' + if 'URL' in key.upper(): + msg = re.sub(r'(https://)[^@]*@', '\\1', env[key]) logfile.write('%s=%s\n' % (key, msg)) logfile.write(message + '\n\n') logfile.flush() @@ -238,6 +241,8 @@ def load_configs(config_files): for key, value in yaml.safe_load(text).items(): config[key.replace('_', '-')] = value msg = value if 'PASSWORD' not in key.upper() else '(hidden)' + if 'URL' in key.upper(): + msg = re.sub(r'(https://)[^@]*@', '\\1', value) print ' %s=%s' % (key.replace('_', '-'), msg) print diff --git a/ybd/cache.py b/ybd/cache.py index 345a8b2..c3ca632 100644 --- a/ybd/cache.py +++ b/ybd/cache.py @@ -229,7 +229,7 @@ def upload(dn): try: response = requests.post(url=url, data=params, files={"file": f}) if response.status_code == 201: - app.log(dn, 'Uploaded %s to' % dn['cache'], url) + app.log(dn, 'Uploaded %s to kbas' % dn['cache']) return if response.status_code == 777: app.log(dn, 'Reproduced %s at' % md5(cachefile), dn['cache']) |