Loading...

XML

Word

Printable

Details

Type: Epic
Resolution: Done
Priority: Major
Fix Version/s: 2.14.0 GA
Affects Version/s: 2.7.1, 2.8 GA, 2.9.1 GA, 2.10 GA, 2.11.2 GA, 2.12.1 GA
Component/s: System
Labels:

3Scale PT Tested upstream:
Not Started
3scale PT Docs:
Not Started
3scale PT Product Specs:
Not Started
3scale PT Product Update Ready:
Not Started
3scale PT Released In Saas:
Not Started
3scale PT Verified Product:
Not Started
Hierarchy Progress:
0
Hierarchy Progress Bar:

0% 0%
Target Release:

2.14.0 GA

SFDC Cases Links:
SFDC Cases Counter:

Description

The request is to mask keys and tokens in logs like system-app and system-sidekiq.

For example:

2020-06-23T05:14:31.772880117Z declare -x AWS_ACCESS_KEY_ID="xxxxxxxx"
2020-06-23T05:14:31.772880117Z declare -x AWS_BUCKET="xxxxx"
2020-06-23T05:14:31.772880117Z declare -x AWS_HOSTNAME="xxxxxx"
2020-06-23T05:14:31.772880117Z declare -x AWS_REGION="us-east-1"
2020-06-23T05:14:31.772880117Z declare -x AWS_SECRET_ACCESS_KEY="xxxxxxxxxxx"

access_token in query param

Started GET "/admin/api/accounts.xml?access_token=cc04c2c0ff5c77b080bbc27541350134332e7c7afa05aeb8921697bb0e82c872&page=1&per_page=500" for 192.168.130.1 at 2021-03-30 12:42:29 +0000
Processing by Admin::Api::AccountsController#index as XML
  Parameters: {"access_token"=>"cc04c2c0ff5c77b080bbc27541350134332e7c7afa05aeb8921697bb0e82c872", "page"=>"1", "per_page"=>"500"}

access_token in body param

Started GET "/admin/api/accounts.xml?page=1&per_page=500" for 192.168.130.1 at 2021-03-30 12:41:43 +0000
Processing by Admin::Api::AccountsController#index as XML
  Parameters: {"access_token"=>"cc04c2c0ff5c77b080bbc27541350134332e7c7afa05aeb8921697bb0e82c872", "page"=>"1", "per_page"=>"500", "account"=>{"access_token"=>"cc04c2c0ff5c77b080bbc27541350134332e7c7afa05aeb8921697bb0e82c872"}}

Dev Notes
Possibly related to ~~THREESCALE-2985~~
There seems to be no easy way to do this. We could mitigate it by adding some instrumentation that obfuscates some of the sensitive data being dumped to the logs – especially those ones exemplified that are Rails log messages – but it would never be bullet-proof. There will always be something we left behind that ends up leaking to the logs.
There are also logs that are container logs printed before the application even starts. Typically, these are environment variables that contain sensitive information.
Porta could rely less on environment variables and more on YAML config files. Files which can be mounted in the container from Kubernetes Secrets just the same, and their content is not printed to the logs in the initialization.
Changing that in Porta is not trivial though. There are over 200 env vars scattered all over Porta’s code.
For ruby log, check existing usage of FilterArguments class.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

image-2023-01-25-09-58-40-179.png
60 kB
2023/01/25 8:58 AM
image-2023-01-25-10-00-36-659.png
77 kB
2023/01/25 9:00 AM

Issue Links

incorporates

THREESCALE-6899 Avoid logging access_tokens

Closed

relates to

THREESCALE-8037 remove tokens and passwords from logs by default

Closed

mentioned on

Merge request - Updated US source to: 78155f6 👷 [codeclimate] excludes whole typescript folder

Activity

People

Assignee:: Unassigned

Reporter:: Takayuki Konishi

Tester:: Dominik Hlavac Duran

Developer:: Joan Lledo

Votes:: 6 Vote for this issue

Watchers:: 20 Start watching this issue

Dates

Created:: 2020/06/23 2:11 AM

Updated:: 2023/12/15 12:43 PM

Resolved:: 2023/12/15 12:43 PM

Target end:: 2023/11/20