-
Notifications
You must be signed in to change notification settings - Fork 831
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(kafka): Fix kafka credentials leaked into logs in Go components #4966
fix(kafka): Fix kafka credentials leaked into logs in Go components #4966
Conversation
This creates a new config map containing only fields that should be safe to log, i.e. fields that are not secret/sensitive.
This allows the user to see that a particular value was set, which may be useful for debugging, without leaking what information was provided.
This is the general pattern we have - types, constants, and vars go before functions/logic.
@@ -116,7 +134,10 @@ func (km *KafkaManager) createProducer() error { | |||
if err != nil { | |||
return err | |||
} | |||
km.logger.Infof("Creating producer with config %v", producerConfigMap) | |||
|
|||
configWithoutSecrets := config.WithoutSecrets(producerConfigMap) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this pattern of casting ...ConfigMap
into safe format without secrets before logging repeats all over the place - potentially a convenience function that takes logger and ...ConfigMap
could be useful to skip repetitions
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We don't know what sort of config a map is for (producer, consumer, admin?), and I think that, although it's a bit annoying, it's probably easier not to try to come up with a pattern for this just yet
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All good - though diff around long line changes made reviewing actual change from this PR take 5 min instead of 1 min :)
🔧 Should also update this page as it's not clear where the YAML blob in the middle comes from |
Set the right key in the values file and read this as a file via the Ansible CLI.
What this PR does / why we need it:
Prior to this PR, credentials in the Kafka config maps, such as SASL passwords, would be leaked through logs when creating producers and consumers.
This PR fixes that oversight by eliding such information, specifically replacing it with
***
so that users can see a key was set but do not have access to it.There are some incidental formatting changes around long lines and whitespace for logical separation.
Which issue(s) this PR fixes:
N/A
Testing
I created a cluster with:
The contents of
custom.yaml
are given below.custom.yaml
To confirm the issue, I used the existing
seldonio
images, then to confirm the fix I loaded locally built images into the kind cluster.Before my changes, I see logs like the below:
To apply my changes, I build the Docker images, loaded them into the
kind
cluster, and updated the components:After my changes, I see logs like the below: