search

kubernetes-sigs / aws-efs-csi-driver

CSI Driver for Amazon EFS https://aws.amazon.com/efs/
Apache License 2.0
693 stars 524 forks source link

Sanitize CSI RPC request logs #1363

Closed mskanth972 closed 1 month ago

mskanth972 commented 1 month ago

Is this a bug fix or adding new feature? Security enhancement

What is this PR about? / Why do we need it? This PR addresses the potential risk of sensitive information being inadvertently logged, despite the EFS CSI Driver not supporting Token Requests. The primary change involves introducing a new utility function called SanitizeRequest. This function accepts a request object and returns a duplicate with the "Secrets" field emptied. It achieves this by creating a new instance of the request object's type, copying all fields from the original request to the new instance, and resetting the "Secrets" field to an empty map, if present.

What testing is done?

mskanth972 commented 1 month ago

/test pull-aws-efs-csi-driver-unit

seanzatzdev-amazon commented 1 month ago

/lgtm

k8s-ci-robot commented 1 month ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mskanth972, seanzatzdev-amazon

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/kubernetes-sigs/aws-efs-csi-driver/blob/master/OWNERS)~~ [mskanth972,seanzatzdev-amazon] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment