lightning: Don't log "received task config" in server mode (#52336) #52497

Merged

Conversation

ti-chi-bot
Member

This is an automated cherry-pick of #52336

What problem does this PR solve?

Issue Number: close #36374

Problem Summary:

What changed and how does it work?

Lightning in server-mode logged the original TOML task config received in POST /task. This will leak the password of the task into the log. Previously #36375 attempted to work around this by replacing the password part with ****** using a regexp, but the regexp is written wrongly. Even if the regexp is corrected, using a regexp to parse TOML is bound to miss some edge cases.

This PR simply removed the log. If the task config can be successfully parsed, it should still be visible in the subsequent [cfg] log with proper redaction.

Check List

Tests

  • Unit test
  • Integration test
  • Manual test (add detailed scripts or steps below)
    • run in server-mode and send a config
  • No need to test
    • I checked and no code files have been changed.

Side effects

  • Performance regression: Consumes more CPU
  • Performance regression: Consumes more Memory
  • Breaking backward compatibility

Documentation

  • Affects user behaviors
  • Contains syntax changes
  • Contains variable changes
  • Contains experimental features
  • Changes MySQL compatibility

Release note

Please refer to Release Notes Language Style Guide to write a quality release note.

Fix the issue that sensitive information in logs is still printed in server mode.
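
The following added example is not part of the PR or of Lightning's code. It shows why text-level redaction of a raw TOML body misses valid spellings of the same key, and how masking on the parsed value avoids the problem. The regexp, the `Secret` and `TiDB` types, the field names and the sample configs are all assumptions constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
	"strings"
)

// Hypothetical text-level redactor (not the regexp from #36375): masks only password = "...".
var naiveRe = regexp.MustCompile(`(?m)^(\s*password\s*=\s*)".*"`)

func naiveRedact(toml string) string { return naiveRe.ReplaceAllString(toml, `${1}"******"`) }

// Secret masks itself whenever a parsed config is marshalled for logging.
type Secret string

func (Secret) MarshalJSON() ([]byte, error) { return []byte(`"******"`), nil }

// TiDB stands in for one section of the parsed task config (names are assumptions).
type TiDB struct {
	Host     string `json:"host"`
	Password Secret `json:"password"`
}

// Constructed inputs: valid TOML spellings of the same secret.
var samples = map[string]string{
	"basic string":   "[tidb]\npassword = \"hunter2\"\n",
	"literal string": "[tidb]\npassword = 'hunter2'\n",
	"dotted key":     "tidb.password = \"hunter2\"\n",
	"quoted key":     "[tidb]\n\"password\" = \"hunter2\"\n",
	"inline table":   "tidb = { host = \"db\", password = \"hunter2\" }\n",
	"multi-line":     "[tidb]\npassword = \"\"\"\nhunter2\"\"\"\n",
}

// leaks reports whether the secret survives text-level redaction.
func leaks(toml string) bool { return strings.Contains(naiveRedact(toml), "hunter2") }

// logParsed renders the already-parsed config the way a structured log line would.
func logParsed(c TiDB) string {
	b, _ := json.Marshal(c)
	return string(b)
}

func main() {
	for name, doc := range samples {
		fmt.Printf("%-15s leaks=%v\n", name, leaks(doc))
	}
	fmt.Println(logParsed(TiDB{Host: "db", Password: "hunter2"}))
}
```

Only the basic-string form is masked by the regexp; the other five spellings reach the log intact, while the typed value is masked regardless of how the input was written.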

@ti-chi-bot ti-chi-bot added component/lightning This issue is related to Lightning of TiDB. ok-to-test Indicates a PR is ready to be tested. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. type/bugfix This PR fixes a bug. type/cherry-pick-for-release-7.1 This PR is cherry-picked to release-7.1 from a source PR. labels Apr 11, 2024
@ti-chi-bot ti-chi-bot added cherry-pick-approved Cherry pick PR approved by release team. labels Apr 11, 2024
@ti-chi-bot ti-chi-bot bot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed do-not-merge/cherry-pick-not-approved size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Apr 11, 2024
@ti-chi-bot ti-chi-bot bot added size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. and removed size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. labels Apr 11, 2024
@ti-chi-bot ti-chi-bot bot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Apr 11, 2024

codecov bot commented Apr 11, 2024

Codecov Report

❗ No coverage uploaded for pull request base (release-7.1@fd9583b).
The diff coverage is 100.0000%.

Additional details and impacted files
@@               Coverage Diff                @@
##             release-7.1     #52497   +/-   ##
================================================
  Coverage               ?   73.4420%           
================================================
  Files                  ?       1211           
  Lines                  ?     379770           
  Branches               ?          0           
================================================
  Hits                   ?     278911           
  Misses                 ?      83039           
  Partials               ?      17820           

@kennytm kennytm requested review from lance6716 and lyzx2001 April 11, 2024 13:51
@ti-chi-bot ti-chi-bot bot added the needs-1-more-lgtm Indicates a PR needs 1 more LGTM. label Apr 11, 2024
@ti-chi-bot ti-chi-bot bot added the approved label Apr 11, 2024

ti-chi-bot bot commented Apr 11, 2024

@lyzx2001: adding LGTM is restricted to approvers and reviewers in OWNERS files.



ti-chi-bot bot commented Apr 11, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: kennytm, lance6716, lyzx2001


@ti-chi-bot ti-chi-bot bot added lgtm and removed needs-1-more-lgtm Indicates a PR needs 1 more LGTM. labels Apr 11, 2024

ti-chi-bot bot commented Apr 11, 2024

[LGTM Timeline notifier]

Timeline:

  • 2024-04-11 14:26:37.742026954 +0000 UTC m=+1145259.269567499: ☑️ agreed by lance6716.
  • 2024-04-11 14:55:57.563128805 +0000 UTC m=+1147019.090669347: ☑️ agreed by kennytm.

@ti-chi-bot ti-chi-bot bot merged commit faeb33e into pingcap:release-7.1 Apr 11, 2024
24 checks passed