search

pingcap / tidb

TiDB - the open-source, cloud-native, distributed SQL database designed for modern applications.
https://pingcap.com
Apache License 2.0
37.34k stars 5.85k forks source link

br: redact secret strings when logging arguments (#57593) #57603

Open ti-chi-bot opened 1 day ago

ti-chi-bot commented 1 day ago

This is an automated cherry-pick of #57593

What problem does this PR solve?

Issue Number: close #57585

Problem Summary: Some values from the command line are not properly redacted.

What changed and how does it work?

In additional to the existing handling for --storage, we also apply redaction to the following parameters:

Check List

Tests

Side effects

Documentation

Release note

Please refer to Release Notes Language Style Guide to write a quality release note.

When invoking BR in command line with secret keys passed directly from arguments, they are no longer printed as plaintext in the log.
codecov[bot] commented 21 hours ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Please upload report for BASE (release-7.5@719f68e). Learn more about missing BASE report.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## release-7.5 #57603 +/- ## ================================================ Coverage ? 72.1393% ================================================ Files ? 1415 Lines ? 412668 Branches ? 0 ================================================ Hits ? 297696 Misses ? 94989 Partials ? 19983 ``` | [Flag](https://app.codecov.io/gh/pingcap/tidb/pull/57603/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pingcap) | Coverage Δ | | |---|---|---| | [unit](https://app.codecov.io/gh/pingcap/tidb/pull/57603/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pingcap) | `72.1393% <ø> (?)` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pingcap#carryforward-flags-in-the-pull-request-comment) to find out more. | [Components](https://app.codecov.io/gh/pingcap/tidb/pull/57603/components?src=pr&el=components&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pingcap) | Coverage Δ | | |---|---|---| | [dumpling](https://app.codecov.io/gh/pingcap/tidb/pull/57603/components?src=pr&el=component&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pingcap) | `52.9400% <0.0000%> (?)` | | | [parser](https://app.codecov.io/gh/pingcap/tidb/pull/57603/components?src=pr&el=component&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pingcap) | `∅ <0.0000%> (?)` | | | [br](https://app.codecov.io/gh/pingcap/tidb/pull/57603/components?src=pr&el=component&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pingcap) | `53.5478% <0.0000%> (?)` | |

🚨 Try these New Features:

ti-chi-bot[bot] commented 9 hours ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: kennytm Once this PR has been reviewed and has the lgtm label, please assign yujuncen for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[br/OWNERS](https://github.com/pingcap/tidb/blob/release-7.5/br/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
ti-chi-bot[bot] commented 9 hours ago

[LGTM Timeline notifier]

Timeline: