-
Notifications
You must be signed in to change notification settings - Fork 5.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
lightning: Don't log "received task config" in server mode (#52336) #53069
lightning: Don't log "received task config" in server mode (#52336) #53069
Conversation
Signed-off-by: ti-chi-bot <[email protected]>
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## release-7.5 #53069 +/- ##
================================================
Coverage ? 72.0025%
================================================
Files ? 1410
Lines ? 409576
Branches ? 0
================================================
Hits ? 294905
Misses ? 94837
Partials ? 19834
Flags with carried forward coverage won't be shown. Click here to find out more.
|
@lyzx2001: adding LGTM is restricted to approvers and reviewers in OWNERS files. In response to this: Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: D3Hunter, lance6716, lyzx2001 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
This is an automated cherry-pick of #52336
What problem does this PR solve?
Issue Number: close #36374
Problem Summary:
What changed and how does it work?
Lightning in server-mode logged the original TOML task config received in
POST /task
. This will leak password of the task into the log. Previously #36375 attempted to workaround by replacing the password part by******
with regexp, but the regexp is written wrongly. Even if it is regexp is corrected, using regexp to parse TOML is bound to miss some edge cases.This PR simply removed the log. If the task config can be successfully parsed, it should still be visible in the subsequent
[cfg]
log with proper redaction.Check List
Tests
Side effects
Documentation
Release note
Please refer to Release Notes Language Style Guide to write a quality release note.