This is an automated email from the ASF dual-hosted git repository.
davsclaus pushed a commit to branch camel-3.21.x
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/camel-3.21.x by this push:
new 4cebad7ebfd [CAMEL-19736] Add 'secret' as sensitive key for logging
purposes. (#11087)
4cebad7ebfd is described below
commit 4cebad7ebfd912429ea6e00ef3338a488870b7be
Author: Maarten Donderwinkel <[email protected]>
AuthorDate: Fri Aug 11 17:10:15 2023 +0200
[CAMEL-19736] Add 'secret' as sensitive key for logging purposes. (#11087)
* Add 'secret' as sensitive key for logging purposes.
Will mask environment variables upon usage
* Add 'secret' as sensitive key for logging purposes.
Will mask environment variables upon usage
add 'secret' to Helper file, added SensitiveUtils and sensitive-keys.json
files from changes by mvn clean install -DskipTests
---------
Co-authored-by: Maarten Donderwinkel <[email protected]>
---
.../resources/org/apache/camel/catalog/main/sensitive-keys.json | 1 +
.../src/main/java/org/apache/camel/util/SensitiveUtils.java | 4 +++-
.../src/test/java/org/apache/camel/util/SensitiveUtilsTest.java | 1 +
.../java/org/apache/camel/maven/packaging/UpdateSensitizeHelper.java | 2 +-
4 files changed, 6 insertions(+), 2 deletions(-)
diff --git
a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/main/sensitive-keys.json
b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/main/sensitive-keys.json
index da2b096023e..c52a7669a8e 100644
---
a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/main/sensitive-keys.json
+++
b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/main/sensitive-keys.json
@@ -55,6 +55,7 @@
"sascredential",
"sasljaasconfig",
"sassignature",
+ "secret",
"secretkey",
"securerandom",
"sharedaccesskey",
diff --git
a/core/camel-util/src/main/java/org/apache/camel/util/SensitiveUtils.java
b/core/camel-util/src/main/java/org/apache/camel/util/SensitiveUtils.java
index b6806bf3ca0..6c57f8d3aa7 100644
--- a/core/camel-util/src/main/java/org/apache/camel/util/SensitiveUtils.java
+++ b/core/camel-util/src/main/java/org/apache/camel/util/SensitiveUtils.java
@@ -84,6 +84,7 @@ public final class SensitiveUtils {
"sascredential",
"sasljaasconfig",
"sassignature",
+ "secret",
"secretkey",
"securerandom",
"sharedaccesskey",
@@ -166,6 +167,7 @@ public final class SensitiveUtils {
+ "|\\Qsascredential\\E"
+ "|\\Qsasljaasconfig\\E"
+ "|\\Qsassignature\\E"
+ + "|\\Qsecret\\E"
+ "|\\Qsecretkey\\E"
+ "|\\Qsecurerandom\\E"
+ "|\\Qsharedaccesskey\\E"
@@ -186,7 +188,7 @@ public final class SensitiveUtils {
+ "|\\Qverificationcode\\E"
+
"|\\Qwebhookverifytoken\\E"
+
"|\\Qzookeeperpassword\\E"
- // SENSITIVE-PATTERN: END
+ // SENSITIVE-PATTERN: END
;
private SensitiveUtils() {
diff --git
a/core/camel-util/src/test/java/org/apache/camel/util/SensitiveUtilsTest.java
b/core/camel-util/src/test/java/org/apache/camel/util/SensitiveUtilsTest.java
index 47ca1d80aa5..8588c4b9024 100644
---
a/core/camel-util/src/test/java/org/apache/camel/util/SensitiveUtilsTest.java
+++
b/core/camel-util/src/test/java/org/apache/camel/util/SensitiveUtilsTest.java
@@ -35,6 +35,7 @@ class SensitiveUtilsTest {
assertTrue(SensitiveUtils.containsSensitive("sasljaasconfig"));
assertTrue(SensitiveUtils.containsSensitive("sasl-jaas-config"));
assertTrue(SensitiveUtils.containsSensitive("saslJaasConfig"));
+ assertTrue(SensitiveUtils.containsSensitive("secret"));
assertTrue(SensitiveUtils.containsSensitive("secretkey"));
assertTrue(SensitiveUtils.containsSensitive("secret-key"));
assertTrue(SensitiveUtils.containsSensitive("secretKey"));
diff --git
a/tooling/maven/camel-package-maven-plugin/src/main/java/org/apache/camel/maven/packaging/UpdateSensitizeHelper.java
b/tooling/maven/camel-package-maven-plugin/src/main/java/org/apache/camel/maven/packaging/UpdateSensitizeHelper.java
index e3c98b49cc3..a650f30a1cc 100644
---
a/tooling/maven/camel-package-maven-plugin/src/main/java/org/apache/camel/maven/packaging/UpdateSensitizeHelper.java
+++
b/tooling/maven/camel-package-maven-plugin/src/main/java/org/apache/camel/maven/packaging/UpdateSensitizeHelper.java
@@ -57,7 +57,7 @@ public class UpdateSensitizeHelper extends
AbstractGeneratorMojo {
// extra keys that are regarded as secret which may not yet been in any
component
// they MUST be in lowercase and without a dash
private static final String[] EXTRA_KEYS
- = new String[] { "apipassword", "apiuser", "apiusername",
"api_key", "api_secret" };
+ = new String[] { "apipassword", "apiuser", "apiusername",
"api_key", "api_secret", "secret" };
@Parameter(defaultValue =
"${project.basedir}/src/generated/resources/org/apache/camel/catalog/")
protected File jsonDir;
