util/logs: request redactable logs by default #53263
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
This change is |
knz
force-pushed
the
20200822-redactable-on-default
branch
2 times, most recently
from
56d00b1 to
db0e815
Compare
Release note: None
The demo code was trying a complicated dance with the flag structs to disable logging. This was not necessary - a simple adjustment of the advertised store config is sufficient to reach the desired effect. Additionally, this commit provides a hint to the user if they want to enable redaction markers but there is no logging dir yet. Release note: None
This changes the default value for the `--redactable-logs` flag to
`true`. This makes server produce redactable logs by default.
Note that `--redactable-logs` only triggers redactable logs if the
caller calls `SetupRedactionAndStderrRedirects()`. This is done by
e.g. the server code. This means that even with this patch,
*unit tests* continue to produce non-redactable logs.
This commit also adds telemetry for the enablement of redactable
markers, as `server.logging.redactable_logs.{enabled,disabled}`.
Release note (cli change): The `cockroach start` and `start-single-node`
commands now enable `--redactable-logs` by default. It is also
enabled by default in `cockroach demo` if `--log-dir` is passed.
This causes log files to become redactable, so that `cockroach debug
merge-log --redact` or `cockroach debug zip --redact` can remove
sensitive information out of log files. (Reminder: `cockroach debug
zip --redact` only affects *log files*; other items collected by the
command can still contain sensitive information)
knz
force-pushed
the
20200822-redactable-on-default
branch
from
db0e815 to
25b99aa
Compare
|
thanks! The prefix two commits have been approved separately by Rohan. bors r=irfansharif |
|
Build failed (retrying...): |
|
Build failed (retrying...): |
|
Build succeeded: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
First two commits from #53313
This changes the default value for the
--redactable-logsflag totrue. This makes server produce redactable logs by default.Note that
--redactable-logsonly triggers redactable logs if thecaller calls
SetupRedactionAndStderrRedirects(). This is done bye.g. the server code. This means that even with this patch,
unit tests continue to produce non-redactable logs.
This commit also adds telemetry for the enablement of redactable
markers, as
server.logging.redactable_logs.{enabled,disabled}.Fixes #51834.
Release note (cli change): The
cockroach start,start-single-nodeand
democommand now enable--redactable-logsby default.This causes log files to become redactable, so that
cockroach debug merge-log --redactorcockroach debug zip --redactcan remove sensitive information out of log files.
(Reminder:
cockroach debug zip --redactonly affects log files;other items collected by the command can still contain sensitive information)