search

paritytech / opstooling-js

Shared functionality for OpsTooling projects
https://www.npmjs.com/package/@eng-automation/js
Apache License 2.0
0 stars 1 forks source link

Support secret masking directly in logger #48

Closed mutantcornholio closed 1 year ago

mutantcornholio commented 1 year ago

Currently, there's nothing stopping us from leaking secrets to logs from the application itself.

How about something like this? 

import { Logger } from "@eng-automation/js";

const logger = new Logger({...});

logger.registerSecretsToMask(
    process.env.GITHUB_TOKEN,
    process.env.GITLAB_TOKEN,
    process.env.MATRIX_TOKEN,
);

logger.info("GITHUB_TOKEN:", process.env.GITHUB_TOKEN); // logs "GITHUB_TOKEN: [MASKED]"