You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by da...@apache.org on 2023/08/11 15:15:38 UTC
[camel] branch camel-3.20.x updated: [CAMEL-19736] Add 'secret' as sensitive key for logging purposes. (#11087)
This is an automated email from the ASF dual-hosted git repository.
davsclaus pushed a commit to branch camel-3.20.x
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/camel-3.20.x by this push:
new 8ff5dee8e9b [CAMEL-19736] Add 'secret' as sensitive key for logging purposes. (#11087)
8ff5dee8e9b is described below
commit 8ff5dee8e9bf944f1bbefbfb88f297b98e2f9976
Author: Maarten Donderwinkel <ma...@donderwinkel.org>
AuthorDate: Fri Aug 11 17:10:15 2023 +0200
[CAMEL-19736] Add 'secret' as sensitive key for logging purposes. (#11087)
* Add 'secret' as sensitive key for logging purposes.
Will mask environment variables upon usage
* Add 'secret' as sensitive key for logging purposes.
Will mask environment variables upon usage
add 'secret' to Helper file, added SensitiveUtils and sensitive-keys.json files from changes by mvn clean install -DskipTests
---------
Co-authored-by: Maarten Donderwinkel <ma...@aiden.eu>
---
.../resources/org/apache/camel/catalog/main/sensitive-keys.json | 1 +
.../src/main/java/org/apache/camel/util/SensitiveUtils.java | 4 +++-
.../src/test/java/org/apache/camel/util/SensitiveUtilsTest.java | 1 +
.../java/org/apache/camel/maven/packaging/UpdateSensitizeHelper.java | 2 +-
4 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/main/sensitive-keys.json b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/main/sensitive-keys.json
index ccdc434cf56..87ce978a25c 100644
--- a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/main/sensitive-keys.json
+++ b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/main/sensitive-keys.json
@@ -54,6 +54,7 @@
"sascredential",
"sasljaasconfig",
"sassignature",
+ "secret",
"secretkey",
"securerandom",
"sharedaccesskey",
diff --git a/core/camel-util/src/main/java/org/apache/camel/util/SensitiveUtils.java b/core/camel-util/src/main/java/org/apache/camel/util/SensitiveUtils.java
index 8414c16966d..f54e681abc9 100644
--- a/core/camel-util/src/main/java/org/apache/camel/util/SensitiveUtils.java
+++ b/core/camel-util/src/main/java/org/apache/camel/util/SensitiveUtils.java
@@ -83,6 +83,7 @@ public final class SensitiveUtils {
"sascredential",
"sasljaasconfig",
"sassignature",
+ "secret",
"secretkey",
"securerandom",
"sharedaccesskey",
@@ -164,6 +165,7 @@ public final class SensitiveUtils {
+ "|\\Qsascredential\\E"
+ "|\\Qsasljaasconfig\\E"
+ "|\\Qsassignature\\E"
+ + "|\\Qsecret\\E"
+ "|\\Qsecretkey\\E"
+ "|\\Qsecurerandom\\E"
+ "|\\Qsharedaccesskey\\E"
@@ -184,7 +186,7 @@ public final class SensitiveUtils {
+ "|\\Qverificationcode\\E"
+ "|\\Qwebhookverifytoken\\E"
+ "|\\Qzookeeperpassword\\E"
- // SENSITIVE-PATTERN: END
+ // SENSITIVE-PATTERN: END
;
private SensitiveUtils() {
diff --git a/core/camel-util/src/test/java/org/apache/camel/util/SensitiveUtilsTest.java b/core/camel-util/src/test/java/org/apache/camel/util/SensitiveUtilsTest.java
index 47ca1d80aa5..8588c4b9024 100644
--- a/core/camel-util/src/test/java/org/apache/camel/util/SensitiveUtilsTest.java
+++ b/core/camel-util/src/test/java/org/apache/camel/util/SensitiveUtilsTest.java
@@ -35,6 +35,7 @@ class SensitiveUtilsTest {
assertTrue(SensitiveUtils.containsSensitive("sasljaasconfig"));
assertTrue(SensitiveUtils.containsSensitive("sasl-jaas-config"));
assertTrue(SensitiveUtils.containsSensitive("saslJaasConfig"));
+ assertTrue(SensitiveUtils.containsSensitive("secret"));
assertTrue(SensitiveUtils.containsSensitive("secretkey"));
assertTrue(SensitiveUtils.containsSensitive("secret-key"));
assertTrue(SensitiveUtils.containsSensitive("secretKey"));
diff --git a/tooling/maven/camel-package-maven-plugin/src/main/java/org/apache/camel/maven/packaging/UpdateSensitizeHelper.java b/tooling/maven/camel-package-maven-plugin/src/main/java/org/apache/camel/maven/packaging/UpdateSensitizeHelper.java
index e3c98b49cc3..a650f30a1cc 100644
--- a/tooling/maven/camel-package-maven-plugin/src/main/java/org/apache/camel/maven/packaging/UpdateSensitizeHelper.java
+++ b/tooling/maven/camel-package-maven-plugin/src/main/java/org/apache/camel/maven/packaging/UpdateSensitizeHelper.java
@@ -57,7 +57,7 @@ public class UpdateSensitizeHelper extends AbstractGeneratorMojo {
// extra keys that are regarded as secret which may not yet been in any component
// they MUST be in lowercase and without a dash
private static final String[] EXTRA_KEYS
- = new String[] { "apipassword", "apiuser", "apiusername", "api_key", "api_secret" };
+ = new String[] { "apipassword", "apiuser", "apiusername", "api_key", "api_secret", "secret" };
@Parameter(defaultValue = "${project.basedir}/src/generated/resources/org/apache/camel/catalog/")
protected File jsonDir;