mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-16 07:15:13 +01:00
fix(scan): Add function to avoid writing creds in jobservice logs, switch to debug instead of info (#15747)
Signed-off-by: Alexis <60alexis@gmail.com> Signed-off-by: He Weiwei <hweiwei@vmware.com>
This commit is contained in:
parent
0299976059
commit
59fed27185
@ -162,8 +162,8 @@ func (j *Job) Run(ctx job.Context, params job.Parameters) error {
|
||||
mimeTypes, _ := extractMimeTypes(params)
|
||||
|
||||
// Print related infos to log
|
||||
printJSONParameter(JobParamRegistration, params[JobParamRegistration].(string), myLogger)
|
||||
printJSONParameter(JobParameterRequest, removeAuthInfo(req), myLogger)
|
||||
printJSONParameter(JobParamRegistration, removeRegistrationAuthInfo(r), myLogger)
|
||||
printJSONParameter(JobParameterRequest, removeScanAuthInfo(req), myLogger)
|
||||
myLogger.Infof("Report mime types: %v\n", mimeTypes)
|
||||
|
||||
if shouldStop() {
|
||||
@ -371,7 +371,7 @@ func logAndWrapError(logger logger.Interface, err error, message string) error {
|
||||
}
|
||||
|
||||
func printJSONParameter(parameter string, v string, logger logger.Interface) {
|
||||
logger.Infof("%s:\n", parameter)
|
||||
logger.Debugf("%s:\n", parameter)
|
||||
printPrettyJSON([]byte(v), logger)
|
||||
}
|
||||
|
||||
@ -385,7 +385,7 @@ func printPrettyJSON(in []byte, logger logger.Interface) {
|
||||
logger.Infof("%s\n", out.String())
|
||||
}
|
||||
|
||||
func removeAuthInfo(sr *v1.ScanRequest) string {
|
||||
func removeScanAuthInfo(sr *v1.ScanRequest) string {
|
||||
req := &v1.ScanRequest{
|
||||
Artifact: sr.Artifact,
|
||||
Registry: &v1.Registry{
|
||||
@ -396,7 +396,38 @@ func removeAuthInfo(sr *v1.ScanRequest) string {
|
||||
|
||||
str, err := req.ToJSON()
|
||||
if err != nil {
|
||||
logger.Error(errors.Wrap(err, "scan job: remove auth"))
|
||||
logger.Error(errors.Wrap(err, "scan job: remove auth for scan request"))
|
||||
}
|
||||
|
||||
return str
|
||||
}
|
||||
|
||||
func removeRegistrationAuthInfo(sr *scanner.Registration) string {
|
||||
req := &scanner.Registration{
|
||||
ID: sr.ID,
|
||||
UUID: sr.UUID,
|
||||
Name: sr.Name,
|
||||
Description: sr.Description,
|
||||
URL: sr.URL,
|
||||
Disabled: sr.Disabled,
|
||||
IsDefault: sr.IsDefault,
|
||||
Health: sr.Health,
|
||||
Auth: sr.Auth,
|
||||
AccessCredential: "[HIDDEN]",
|
||||
SkipCertVerify: sr.SkipCertVerify,
|
||||
UseInternalAddr: sr.UseInternalAddr,
|
||||
Immutable: sr.Immutable,
|
||||
Adapter: sr.Adapter,
|
||||
Vendor: sr.Vendor,
|
||||
Version: sr.Version,
|
||||
Metadata: sr.Metadata,
|
||||
CreateTime: sr.CreateTime,
|
||||
UpdateTime: sr.UpdateTime,
|
||||
}
|
||||
|
||||
str, err := req.ToJSON()
|
||||
if err != nil {
|
||||
logger.Error(errors.Wrap(err, "scan job: remove auth for registration"))
|
||||
}
|
||||
|
||||
return str
|
||||
|
Loading…
Reference in New Issue
Block a user