Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Clean up sensitive data from the logs #679

Closed
wants to merge 1 commit into from
Closed

Clean up sensitive data from the logs #679

wants to merge 1 commit into from

Conversation

itdependsnetworks
Copy link
Contributor

This should work, but has not been tested.

@nniehoff
Copy link
Contributor

@itdependsnetworks we would need this patch for Nautobot 1.x and 2.x.

@itdependsnetworks
Copy link
Contributor Author

We should not, there was a change in nautobot core in 2.0, so in 1.6 it should be fine (I reserve the right to be proven wrong), this was an issue in 3 places, I only caught 1 of them. We should update core, as this is likely to happen again unless there is clear methods that have it properly scrubbed.

@glennmatthews
Copy link
Contributor

Is nautobot.core.utils.logging.sanitize() not doing the right thing in this case? It should be applied to all job logs in 2.0 automatically.

@itdependsnetworks
Copy link
Contributor Author

itdependsnetworks commented Nov 29, 2023
edited
Loading

Need to personally test hopefully @jeffkala will as well :)

Test is to remove SANITIZER_PATTERNS and see if it strips.

@jeffkala
Copy link
Contributor

To be honest, testing with SANITIZER_PATTERNS = [] with the develop branch (meaning the currently released code) I don't see anything in the logs in the first place.
However; testing this PR specifically with SANITIZER_PATTERNS = [] results in a failure in the repo push.

Traceback (most recent call last):
  File "/usr/local/lib/python3.11/site-packages/celery/app/trace.py", line 477, in trace_task
    R = retval = fun(*args, **kwargs)
                 ^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/nautobot/extras/jobs.py", line 148, in __call__
    return self.run(*args, **deserialized_kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/source/nautobot_golden_config/jobs.py", line 181, in run
    git_info = get_repo_from_url_to_path_and_from_branch(backup_repo)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/nautobot/extras/datasources/git.py", line 88, in get_repo_from_url_to_path_and_from_branch
    from_url = repository_record.remote_url
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
AttributeError: 'GitRepo' object has no attribute 'remote_url'

@jeffkala
Copy link
Contributor

So appears that get_refreshed_repos which the new code is looping over is actually creating from nautobot_golden_config.utilities.git import GitRepo which is not the repo objects from nautobot that the get_repo_from_url_to_path_and_from_branch function is expecting.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jeffkala jeffkala Awaiting requested review from jeffkala jeffkala is a code owner

@nkallergis nkallergis Awaiting requested review from nkallergis nkallergis is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@itdependsnetworks @nniehoff @glennmatthews @jeffkala