Posted to dev@brooklyn.apache.org by robertgmoss <gi...@git.apache.org> on 2015/03/10 13:08:26 UTC

[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

GitHub user robertgmoss opened a pull request:

    https://github.com/apache/incubator-brooklyn/pull/546

    Add recursive sanitation and move to own class

    Deprecates the existing method in Entities and updates all references.  Partial fix for BROOKLYN-10

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/robertgmoss/incubator-brooklyn fix/leaking-secrets

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/incubator-brooklyn/pull/546.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #546
    
----
commit 2f99f2515bf5a4cfd7d87210c207346dd67bff60
Author: Robert Moss <ro...@gmail.com>
Date:   2015-03-10T12:01:11Z

    Add recursive sanitation and move to own class
    
    Deprecates the existing method in Entities and updates all references.

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

Posted by aledsage <gi...@git.apache.org>.
Github user aledsage commented on a diff in the pull request:

    https://github.com/apache/incubator-brooklyn/pull/546#discussion_r26116083
  
    --- Diff: core/src/main/java/brooklyn/entity/basic/Entities.java ---
    @@ -270,17 +270,20 @@ public static boolean isTrivial(Object v) {
                     (v instanceof CharSequence&& ((CharSequence)v).length() == 0);
         }
     
    +    /**
    +     * @deprecated since 0.7
    +     */
    +    @Deprecated
         public static Map<String,Object> sanitize(ConfigBag input) {
    -        return sanitize(input.getAllConfig());
    +        return Sanitizer.sanitize(input.getAllConfig());
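
Review bot: the new `@deprecated since 0.7` block on `sanitize(ConfigBag)` does not say that the method now forwards to `Sanitizer`, so existing callers of the old entry point pick up whatever `Sanitizer.sanitize` does (the PR title says it recurses) without notice. State in the Javadoc that the call is forwarded and that nested maps are now masked as well, so callers know the returned map may differ from before.
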
    --- End diff --
    
    I'd call `Sanitize(input)`



[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

Posted by robertgmoss <gi...@git.apache.org>.
Github user robertgmoss commented on the pull request:

    https://github.com/apache/incubator-brooklyn/pull/546#issuecomment-78074531
  
    @aledsage I've addressed your comments.



[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

Posted by aledsage <gi...@git.apache.org>.
Github user aledsage commented on a diff in the pull request:

    https://github.com/apache/incubator-brooklyn/pull/546#discussion_r26116363
  
    --- Diff: core/src/main/java/brooklyn/entity/basic/Sanitizer.java ---
    @@ -0,0 +1,59 @@
    +/*
    + * Licensed to the Apache Software Foundation (ASF) under one
    + * or more contributor license agreements.  See the NOTICE file
    + * distributed with this work for additional information
    + * regarding copyright ownership.  The ASF licenses this file
    + * to you under the Apache License, Version 2.0 (the
    + * "License"); you may not use this file except in compliance
    + * with the License.  You may obtain a copy of the License at
    + *
    + *     http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing,
    + * software distributed under the License is distributed on an
    + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    + * KIND, either express or implied.  See the License for the
    + * specific language governing permissions and limitations
    + * under the License.
    + */
    +package brooklyn.entity.basic;
    +
    +import java.util.Map;
    +import java.util.Set;
    +
    +import brooklyn.util.config.ConfigBag;
    +
    +import com.google.common.collect.Maps;
    +import com.google.common.collect.Sets;
    +
    +public final class Sanitizer {
    +
    +    private Sanitizer() {
    +    } // not instantiable
    +
    +    public static Map<String, Object> sanitize(ConfigBag input) {
    +        return sanitize(input.getAllConfig());
    +    }
    +
    +    public static <K> Map<K, Object> sanitize(Map<K, ?> input) {
    +        return sanitize(input, Sets.newHashSet());
    +    }
    +
    +    public static <K> Map<K, Object> sanitize(Map<K, ?> input, Set<Object> visited) {
    +        Map<K, Object> result = Maps.newLinkedHashMap();
    +        for (Map.Entry<K, ?> e : input.entrySet()) {
    +            if (Entities.isSecret("" + e.getKey()))
    +                result.put(e.getKey(), "xxxxxxxx");
    +            else if (e.getValue() instanceof Map) {
    +                if (visited.contains(e.getValue())) {
    +                    continue;
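
Review bot: `visited` is created with `Sets.newHashSet()` and probed with `visited.contains(e.getValue())`, so membership is decided by `equals`/`hashCode` rather than by identity. Two distinct nested maps with equal contents are treated as the same map and the second is skipped by the `continue`, and hashing a standard `java.util` map that contains itself recurses without end, which is the very case this guard exists for. An identity-based set such as Guava's `Sets.newIdentityHashSet()` avoids both problems.
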
    --- End diff --
    
    I think we still need a `result.put(...)` for if already visited?



[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

Posted by aledsage <gi...@git.apache.org>.
Github user aledsage commented on a diff in the pull request:

    https://github.com/apache/incubator-brooklyn/pull/546#discussion_r26116130
  
    --- Diff: core/src/main/java/brooklyn/entity/basic/Entities.java ---
    @@ -270,17 +270,20 @@ public static boolean isTrivial(Object v) {
                     (v instanceof CharSequence&& ((CharSequence)v).length() == 0);
         }
     
    +    /**
    +     * @deprecated since 0.7
    --- End diff --
    
    Can you include in javadoc which method to call (e.g. `@deprecated since 0.7; instead use {@link Sanitizer#sanitize(ConfigBag)}`)?



[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

Posted by ahgittin <gi...@git.apache.org>.
Github user ahgittin commented on a diff in the pull request:

    https://github.com/apache/incubator-brooklyn/pull/546#discussion_r26117383
  
    --- Diff: core/src/main/java/brooklyn/entity/basic/Sanitizer.java ---
    @@ -0,0 +1,59 @@
    +/*
    + * Licensed to the Apache Software Foundation (ASF) under one
    + * or more contributor license agreements.  See the NOTICE file
    + * distributed with this work for additional information
    + * regarding copyright ownership.  The ASF licenses this file
    + * to you under the Apache License, Version 2.0 (the
    + * "License"); you may not use this file except in compliance
    + * with the License.  You may obtain a copy of the License at
    + *
    + *     http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing,
    + * software distributed under the License is distributed on an
    + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    + * KIND, either express or implied.  See the License for the
    + * specific language governing permissions and limitations
    + * under the License.
    + */
    +package brooklyn.entity.basic;
    +
    +import java.util.Map;
    +import java.util.Set;
    +
    +import brooklyn.util.config.ConfigBag;
    +
    +import com.google.common.collect.Maps;
    +import com.google.common.collect.Sets;
    +
    +public final class Sanitizer {
    +
    +    private Sanitizer() {
    +    } // not instantiable
    +
    +    public static Map<String, Object> sanitize(ConfigBag input) {
    +        return sanitize(input.getAllConfig());
    +    }
    +
    +    public static <K> Map<K, Object> sanitize(Map<K, ?> input) {
    +        return sanitize(input, Sets.newHashSet());
    +    }
    +
    +    public static <K> Map<K, Object> sanitize(Map<K, ?> input, Set<Object> visited) {
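
Review bot: `sanitize(ConfigBag input)` calls `input.getAllConfig()` with no null check, and `sanitize(Map)` passes its argument straight on, so a null bag or map surfaces as a NullPointerException from inside the sanitizer. A helper meant to make values safe to log should not be able to throw at the log call site; either return an empty map for null or document that null is rejected.
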
    --- End diff --
    
    (the static `sanitize(x)` methods can stay as conveniences calling `newInstance().apply(x)`)



[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

Posted by aledsage <gi...@git.apache.org>.
Github user aledsage commented on the pull request:

    https://github.com/apache/incubator-brooklyn/pull/546#issuecomment-78042993
  
    @robertgmoss looks good - only very minor comments.



[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

Posted by aledsage <gi...@git.apache.org>.
Github user aledsage commented on a diff in the pull request:

    https://github.com/apache/incubator-brooklyn/pull/546#discussion_r26116215
  
    --- Diff: core/src/main/java/brooklyn/entity/basic/Sanitizer.java ---
    @@ -0,0 +1,59 @@
    +/*
    + * Licensed to the Apache Software Foundation (ASF) under one
    + * or more contributor license agreements.  See the NOTICE file
    + * distributed with this work for additional information
    + * regarding copyright ownership.  The ASF licenses this file
    + * to you under the Apache License, Version 2.0 (the
    + * "License"); you may not use this file except in compliance
    + * with the License.  You may obtain a copy of the License at
    + *
    + *     http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing,
    + * software distributed under the License is distributed on an
    + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    + * KIND, either express or implied.  See the License for the
    + * specific language governing permissions and limitations
    + * under the License.
    + */
    +package brooklyn.entity.basic;
    +
    +import java.util.Map;
    +import java.util.Set;
    +
    +import brooklyn.util.config.ConfigBag;
    +
    +import com.google.common.collect.Maps;
    +import com.google.common.collect.Sets;
    +
    +public final class Sanitizer {
    +
    +    private Sanitizer() {
    +    } // not instantiable
    +
    +    public static Map<String, Object> sanitize(ConfigBag input) {
    +        return sanitize(input.getAllConfig());
    +    }
    +
    +    public static <K> Map<K, Object> sanitize(Map<K, ?> input) {
    +        return sanitize(input, Sets.newHashSet());
    +    }
    +
    +    public static <K> Map<K, Object> sanitize(Map<K, ?> input, Set<Object> visited) {
    +        Map<K, Object> result = Maps.newLinkedHashMap();
    +        for (Map.Entry<K, ?> e : input.entrySet()) {
    +            if (Entities.isSecret("" + e.getKey()))
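
Review bot: in the loop, the decision to mask rests only on the key's string form, `Entities.isSecret("" + e.getKey())`; the value is never inspected. A credential stored under a key that matches none of the secret names is not masked, and a null key is tested as the literal text `null`. State that limit in the class Javadoc so callers do not treat the result as unconditionally safe to log.
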
    --- End diff --
    
    Maybe move `Entities.isSecret` to `Sanitizer` as well? And `Entities.SECRET_NAMES` (deprecated in old place of course).



[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

Posted by asfgit <gi...@git.apache.org>.
Github user asfgit closed the pull request at:

    https://github.com/apache/incubator-brooklyn/pull/546



[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

Posted by aledsage <gi...@git.apache.org>.
Github user aledsage commented on a diff in the pull request:

    https://github.com/apache/incubator-brooklyn/pull/546#discussion_r26116537
  
    --- Diff: core/src/main/java/brooklyn/entity/basic/Sanitizer.java ---
    @@ -0,0 +1,59 @@
    +/*
    + * Licensed to the Apache Software Foundation (ASF) under one
    + * or more contributor license agreements.  See the NOTICE file
    + * distributed with this work for additional information
    + * regarding copyright ownership.  The ASF licenses this file
    + * to you under the Apache License, Version 2.0 (the
    + * "License"); you may not use this file except in compliance
    + * with the License.  You may obtain a copy of the License at
    + *
    + *     http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing,
    + * software distributed under the License is distributed on an
    + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    + * KIND, either express or implied.  See the License for the
    + * specific language governing permissions and limitations
    + * under the License.
    + */
    +package brooklyn.entity.basic;
    +
    +import java.util.Map;
    +import java.util.Set;
    +
    +import brooklyn.util.config.ConfigBag;
    +
    +import com.google.common.collect.Maps;
    +import com.google.common.collect.Sets;
    +
    +public final class Sanitizer {
    +
    +    private Sanitizer() {
    +    } // not instantiable
    +
    +    public static Map<String, Object> sanitize(ConfigBag input) {
    +        return sanitize(input.getAllConfig());
    +    }
    +
    +    public static <K> Map<K, Object> sanitize(Map<K, ?> input) {
    +        return sanitize(input, Sets.newHashSet());
    +    }
    +
    +    public static <K> Map<K, Object> sanitize(Map<K, ?> input, Set<Object> visited) {
    +        Map<K, Object> result = Maps.newLinkedHashMap();
    +        for (Map.Entry<K, ?> e : input.entrySet()) {
    +            if (Entities.isSecret("" + e.getKey()))
    +                result.put(e.getKey(), "xxxxxxxx");
    +            else if (e.getValue() instanceof Map) {
    +                if (visited.contains(e.getValue())) {
    +                    continue;
    +                }
    +                visited.add(e.getValue());
    +                result.put(e.getKey(), sanitize((Map<?, ?>) e.getValue(), visited));
    +            } else {
    +                result.put(e.getKey(), e.getValue());
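
Review bot: `visited.add(e.getValue())` is never undone after the recursive `sanitize(...)` call returns, so `visited` holds every map seen so far rather than the maps on the current path. A map that is legitimately referenced from two sibling keys is sanitized under the first key and dropped under the second by the `continue`, although there is no cycle. Remove the entry once the recursive call returns, or keep the first sanitized copy and reuse it for later references.
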
    --- End diff --
    
    Could also have a `sanitize(List<?> input, Set<Object> visited)`, and same for `Set`? Feels simple to add, and will possibly catch some more places we should sanitize (either now or in the future).



[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

Posted by aledsage <gi...@git.apache.org>.
Github user aledsage commented on the pull request:

    https://github.com/apache/incubator-brooklyn/pull/546#issuecomment-78253493
  
    Merging.



[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

Posted by ahgittin <gi...@git.apache.org>.
Github user ahgittin commented on the pull request:

    https://github.com/apache/incubator-brooklyn/pull/546#issuecomment-78082921
  
    LGTM



[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

Posted by aledsage <gi...@git.apache.org>.
Github user aledsage commented on a diff in the pull request:

    https://github.com/apache/incubator-brooklyn/pull/546#discussion_r26116317
  
    --- Diff: core/src/main/java/brooklyn/entity/basic/Sanitizer.java ---
    @@ -0,0 +1,59 @@
    +/*
    + * Licensed to the Apache Software Foundation (ASF) under one
    + * or more contributor license agreements.  See the NOTICE file
    + * distributed with this work for additional information
    + * regarding copyright ownership.  The ASF licenses this file
    + * to you under the Apache License, Version 2.0 (the
    + * "License"); you may not use this file except in compliance
    + * with the License.  You may obtain a copy of the License at
    + *
    + *     http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing,
    + * software distributed under the License is distributed on an
    + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    + * KIND, either express or implied.  See the License for the
    + * specific language governing permissions and limitations
    + * under the License.
    + */
    +package brooklyn.entity.basic;
    +
    +import java.util.Map;
    +import java.util.Set;
    +
    +import brooklyn.util.config.ConfigBag;
    +
    +import com.google.common.collect.Maps;
    +import com.google.common.collect.Sets;
    +
    +public final class Sanitizer {
    +
    +    private Sanitizer() {
    +    } // not instantiable
    +
    +    public static Map<String, Object> sanitize(ConfigBag input) {
    +        return sanitize(input.getAllConfig());
    +    }
    +
    +    public static <K> Map<K, Object> sanitize(Map<K, ?> input) {
    +        return sanitize(input, Sets.newHashSet());
    +    }
    +
    +    public static <K> Map<K, Object> sanitize(Map<K, ?> input, Set<Object> visited) {
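
Review bot: none of the three public `sanitize` overloads has Javadoc, and the contract is not obvious from the signatures: whether the input is modified or copied, what replaces a masked value, and what a caller is expected to pass as `visited`. A short comment on each overload, or on the class, would settle that.
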
    --- End diff --
    
    Personally I'd have this as a package-private method - the second arg is an implementation detail. But no strong feelings.



[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

Posted by ahgittin <gi...@git.apache.org>.
Github user ahgittin commented on a diff in the pull request:

    https://github.com/apache/incubator-brooklyn/pull/546#discussion_r26117338
  
    --- Diff: core/src/main/java/brooklyn/entity/basic/Sanitizer.java ---
    @@ -0,0 +1,59 @@
    +/*
    + * Licensed to the Apache Software Foundation (ASF) under one
    + * or more contributor license agreements.  See the NOTICE file
    + * distributed with this work for additional information
    + * regarding copyright ownership.  The ASF licenses this file
    + * to you under the Apache License, Version 2.0 (the
    + * "License"); you may not use this file except in compliance
    + * with the License.  You may obtain a copy of the License at
    + *
    + *     http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing,
    + * software distributed under the License is distributed on an
    + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    + * KIND, either express or implied.  See the License for the
    + * specific language governing permissions and limitations
    + * under the License.
    + */
    +package brooklyn.entity.basic;
    +
    +import java.util.Map;
    +import java.util.Set;
    +
    +import brooklyn.util.config.ConfigBag;
    +
    +import com.google.common.collect.Maps;
    +import com.google.common.collect.Sets;
    +
    +public final class Sanitizer {
    +
    +    private Sanitizer() {
    +    } // not instantiable
    +
    +    public static Map<String, Object> sanitize(ConfigBag input) {
    +        return sanitize(input.getAllConfig());
    +    }
    +
    +    public static <K> Map<K, Object> sanitize(Map<K, ?> input) {
    +        return sanitize(input, Sets.newHashSet());
    +    }
    +
    +    public static <K> Map<K, Object> sanitize(Map<K, ?> input, Set<Object> visited) {
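
Review bot: `sanitize(Map)` starts the walk with `sanitize(input, Sets.newHashSet())`, an empty set, so the top-level `input` itself is never recorded as visited. A nested map that points back to the top-level one is therefore walked a second time before the visited check can stop it. Add `input` to the set before descending.
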
    --- End diff --
    
    Actually I'd build out a non-static implementation whereby the secret detection can be controlled.
    
        public static Sanitizer newInstance(Predicate<Object> sanitizingNeededCheck) { return new Sanitizer(sanitizingNeededCheck); }
        protected Sanitizer(Predicate<Object> sanitizingNeededCheck) { ... }
        public <K> Map<K,Object> apply(Map<K,?> input) { return apply(input, Sets.newHashSet()); }
        private <K> Map<K,Object> apply(Map<K,?> input, Set<Object> visited) {
          // old visited code
        }
    
    then moving `SECRET_NAMES` in becomes a default that `newInstance()` can use, but it can now be customised
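
A sketch of the instance-based design proposed in this comment, combined with the `List`/`Set` handling suggested elsewhere in the thread. This is an added example, not code from the pull request or from Brooklyn: the class name, the `<cycle>` marker, the identity-based path set and the sample data are assumptions, and it uses only the JDK rather than Guava.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.IdentityHashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.function.Predicate;

// Added illustration; all names here are hypothetical, not Brooklyn's API.
public final class RecursiveSanitizerExample {

    static final String MASK = "xxxxxxxx";   // placeholder used in the PR
    static final String CYCLE = "<cycle>";   // hypothetical marker for a back-reference

    // Name fragments as quoted from SECRET_NAMES in the thread.
    static final List<String> SECRET_NAMES = Arrays.asList(
            "password", "passwd", "credential", "secret", "private",
            "access.cert", "access.key");

    // Default check: case-insensitive substring match on the key's string form.
    static final Predicate<Object> DEFAULT_CHECK = key -> {
        String k = String.valueOf(key).toLowerCase(Locale.ROOT);
        for (String name : SECRET_NAMES) {
            if (k.contains(name)) return true;
        }
        return false;
    };

    private final Predicate<Object> secretKey;

    private RecursiveSanitizerExample(Predicate<Object> secretKey) {
        this.secretKey = secretKey;
    }

    public static RecursiveSanitizerExample newInstance() {
        return new RecursiveSanitizerExample(DEFAULT_CHECK);
    }

    public static RecursiveSanitizerExample newInstance(Predicate<Object> check) {
        return new RecursiveSanitizerExample(check);
    }

    /** Returns a sanitized deep copy; the input is not modified. */
    @SuppressWarnings("unchecked")
    public <K> Map<K, Object> apply(Map<K, ?> input) {
        // Identity semantics: never calls equals/hashCode on the (possibly cyclic) maps.
        Set<Object> onPath = Collections.newSetFromMap(new IdentityHashMap<>());
        return (Map<K, Object>) applyValue(input, onPath);
    }

    private Object applyValue(Object v, Set<Object> onPath) {
        if (!(v instanceof Map) && !(v instanceof Collection)) return v;
        if (!onPath.add(v)) return CYCLE;    // container is already being walked
        try {
            if (v instanceof Map) {
                Map<Object, Object> out = new LinkedHashMap<>();
                for (Map.Entry<?, ?> e : ((Map<?, ?>) v).entrySet()) {
                    out.put(e.getKey(), secretKey.test(e.getKey())
                            ? MASK : applyValue(e.getValue(), onPath));
                }
                return out;
            }
            List<Object> out = new ArrayList<>();  // lists and sets are copied as lists
            for (Object item : (Collection<?>) v) out.add(applyValue(item, onPath));
            return out;
        } finally {
            onPath.remove(v);                // leave the path so shared references survive
        }
    }

    public static void main(String[] args) {
        // Constructed sample config; the values are not real credentials.
        Map<String, Object> shared = new LinkedHashMap<>();
        shared.put("user", "admin");
        shared.put("Password", "hunter2");

        Map<String, Object> root = new LinkedHashMap<>();
        root.put("primary", shared);
        root.put("replica", shared);               // same map twice, not a cycle
        root.put("nodes", Arrays.asList(shared));  // secret nested under a list
        root.put("self", root);                    // genuine cycle

        System.out.println(newInstance().apply(root));
    }
}
```

The result contains fresh containers only, so printing or serialising it cannot loop even though the input does.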



[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

Posted by ahgittin <gi...@git.apache.org>.
Github user ahgittin commented on a diff in the pull request:

    https://github.com/apache/incubator-brooklyn/pull/546#discussion_r26134307
  
    --- Diff: core/src/main/java/brooklyn/entity/basic/Sanitizer.java ---
    @@ -0,0 +1,152 @@
    +/*
    + * Licensed to the Apache Software Foundation (ASF) under one
    + * or more contributor license agreements.  See the NOTICE file
    + * distributed with this work for additional information
    + * regarding copyright ownership.  The ASF licenses this file
    + * to you under the Apache License, Version 2.0 (the
    + * "License"); you may not use this file except in compliance
    + * with the License.  You may obtain a copy of the License at
    + *
    + *     http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing,
    + * software distributed under the License is distributed on an
    + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    + * KIND, either express or implied.  See the License for the
    + * specific language governing permissions and limitations
    + * under the License.
    + */
    +package brooklyn.entity.basic;
    +
    +import java.util.List;
    +import java.util.Map;
    +import java.util.Set;
    +
    +import brooklyn.util.config.ConfigBag;
    +
    +import com.google.api.client.util.Lists;
    +import com.google.common.base.Predicate;
    +import com.google.common.collect.ImmutableList;
    +import com.google.common.collect.Maps;
    +import com.google.common.collect.Sets;
    +
    +public final class Sanitizer {
    +
    +    /**
    +     * Names that, if they appear anywhere in an attribute/config/field
    +     * indicates that it may be private, so should not be logged etc.
    +     */
    +    public static final List<String> SECRET_NAMES = ImmutableList.of(
    +            "password", 
    +            "passwd", 
    +            "credential", 
    +            "secret", 
    +            "private",
    +            "access.cert", 
    +            "access.key");
    +    
    +    public static final Predicate<Object> IS_SECRET_PREDICATE = new Predicate<Object>() {
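
Review bot: the import `com.google.api.client.util.Lists` takes `Lists` from the Google API client library rather than from `com.google.common.collect`, where the other collection imports in this file come from; unless that is intended it should be `com.google.common.collect.Lists`. Separately, the `SECRET_NAMES` Javadoc says a name may appear anywhere in a key but not whether case is ignored; say which, since a key such as `Password` depends on it.
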
    --- End diff --
    
    note there are `StringPredicates` and `StringFunctions` including `toLowerCase` and `containsLiteral` which you can combine, but lists are especially tedious so i wouldn't try a pure functional build-up ... however if this logic is needed elsewhere might be worth moving the body there as a static method `Predicate<Object> containsAnyLiteralIgnoringCase(Iterable<String>)`
    
    not needed for this PR, just wanted to point you at those classes



[GitHub] incubator-brooklyn pull request: Add recursive sanitation and move...

Posted by ahgittin <gi...@git.apache.org>.
Github user ahgittin commented on a diff in the pull request:

    https://github.com/apache/incubator-brooklyn/pull/546#discussion_r26117074
  
    --- Diff: core/src/main/java/brooklyn/entity/basic/Sanitizer.java ---
    @@ -0,0 +1,59 @@
    +/*
    + * Licensed to the Apache Software Foundation (ASF) under one
    + * or more contributor license agreements.  See the NOTICE file
    + * distributed with this work for additional information
    + * regarding copyright ownership.  The ASF licenses this file
    + * to you under the Apache License, Version 2.0 (the
    + * "License"); you may not use this file except in compliance
    + * with the License.  You may obtain a copy of the License at
    + *
    + *     http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing,
    + * software distributed under the License is distributed on an
    + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    + * KIND, either express or implied.  See the License for the
    + * specific language governing permissions and limitations
    + * under the License.
    + */
    +package brooklyn.entity.basic;
    +
    +import java.util.Map;
    +import java.util.Set;
    +
    +import brooklyn.util.config.ConfigBag;
    +
    +import com.google.common.collect.Maps;
    +import com.google.common.collect.Sets;
    +
    +public final class Sanitizer {
    +
    +    private Sanitizer() {
    +    } // not instantiable
    +
    +    public static Map<String, Object> sanitize(ConfigBag input) {
    +        return sanitize(input.getAllConfig());
    +    }
    +
    +    public static <K> Map<K, Object> sanitize(Map<K, ?> input) {
    +        return sanitize(input, Sets.newHashSet());
    +    }
    +
    +    public static <K> Map<K, Object> sanitize(Map<K, ?> input, Set<Object> visited) {
    +        Map<K, Object> result = Maps.newLinkedHashMap();
    +        for (Map.Entry<K, ?> e : input.entrySet()) {
    +            if (Entities.isSecret("" + e.getKey()))
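
Review bot: `Sanitizer` depends on `Entities.isSecret` at this line while the deprecated `Entities.sanitize` forwards to `Sanitizer`, so the two classes now depend on each other. Keeping the secret-name check inside `Sanitizer` and having `Entities` forward to it would make the dependency one-way.
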
    --- End diff --
    
    +1

