search

pingcap / tidb

TiDB - the open-source, cloud-native, distributed SQL database designed for modern applications.
https://pingcap.com
Apache License 2.0
37.34k stars 5.85k forks source link

br: redact secret strings when logging arguments (#57593) #57605

Closed ti-chi-bot closed 8 hours ago

ti-chi-bot commented 1 day ago

This is an automated cherry-pick of #57593

What problem does this PR solve?

Issue Number: close #57585

Problem Summary: Some values from the command line are not properly redacted.

What changed and how does it work?

In additional to the existing handling for --storage, we also apply redaction to the following parameters:

Check List

Tests

Side effects

Documentation

Release note

Please refer to Release Notes Language Style Guide to write a quality release note.

When invoking BR in command line with secret keys passed directly from arguments, they are no longer printed as plaintext in the log.
codecov[bot] commented 1 day ago

Codecov Report

Attention: Patch coverage is 0% with 9 lines in your changes missing coverage. Please review.

Please upload report for BASE (release-8.5@6404c67). Learn more about missing BASE report.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## release-8.5 #57605 +/- ## ================================================ Coverage ? 57.1085% ================================================ Files ? 1770 Lines ? 628228 Branches ? 0 ================================================ Hits ? 358772 Misses ? 245521 Partials ? 23935 ``` | [Flag](https://app.codecov.io/gh/pingcap/tidb/pull/57605/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pingcap) | Coverage Δ | | |---|---|---| | [integration](https://app.codecov.io/gh/pingcap/tidb/pull/57605/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pingcap) | `37.0539% <0.0000%> (?)` | | | [unit](https://app.codecov.io/gh/pingcap/tidb/pull/57605/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pingcap) | `72.8535% <0.0000%> (?)` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pingcap#carryforward-flags-in-the-pull-request-comment) to find out more. | [Components](https://app.codecov.io/gh/pingcap/tidb/pull/57605/components?src=pr&el=components&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pingcap) | Coverage Δ | | |---|---|---| | [dumpling](https://app.codecov.io/gh/pingcap/tidb/pull/57605/components?src=pr&el=component&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pingcap) | `52.9478% <0.0000%> (?)` | | | [parser](https://app.codecov.io/gh/pingcap/tidb/pull/57605/components?src=pr&el=component&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pingcap) | `∅ <0.0000%> (?)` | | | [br](https://app.codecov.io/gh/pingcap/tidb/pull/57605/components?src=pr&el=component&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pingcap) | `52.3075% <0.0000%> (?)` | |

🚨 Try these New Features:

ti-chi-bot[bot] commented 10 hours ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: BornChanger, kennytm

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[br/OWNERS](https://github.com/pingcap/tidb/blob/release-8.5/br/OWNERS)~~ [BornChanger] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
ti-chi-bot[bot] commented 10 hours ago

[LGTM Timeline notifier]

Timeline: