This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch 4.19
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/4.19 by this push:
new f702f7f57c6 Remove sensitive params (VmPassword, etc) from VMWork log
(#8553)
f702f7f57c6 is described below
commit f702f7f57c66f1ba1db2e20f5e072b5637e60d84
Author: Suresh Kumar Anaparti <[email protected]>
AuthorDate: Mon Feb 5 13:26:18 2024 +0530
Remove sensitive params (VmPassword, etc) from VMWork log (#8553)
---
.../src/main/java/com/cloud/vm/VmWork.java | 39 +++++++++++++++
.../java/com/cloud/vm/VmWorkJobHandlerProxy.java | 10 ++--
.../src/main/java/com/cloud/vm/VmWorkReboot.java | 9 ++++
.../src/main/java/com/cloud/vm/VmWorkStart.java | 9 ++++
.../test/java/com/cloud/vm/VmWorkRebootTest.java | 42 ++++++++++++++++
.../test/java/com/cloud/vm/VmWorkStartTest.java | 57 ++++++++++++++++++++++
6 files changed, 160 insertions(+), 6 deletions(-)
diff --git a/engine/components-api/src/main/java/com/cloud/vm/VmWork.java
b/engine/components-api/src/main/java/com/cloud/vm/VmWork.java
index a0b5e979524..33338297e26 100644
--- a/engine/components-api/src/main/java/com/cloud/vm/VmWork.java
+++ b/engine/components-api/src/main/java/com/cloud/vm/VmWork.java
@@ -17,9 +17,21 @@
package com.cloud.vm;
import java.io.Serializable;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.commons.collections.CollectionUtils;
+import org.apache.commons.lang3.StringUtils;
+
+import com.cloud.serializer.GsonHelper;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.gson.Gson;
public class VmWork implements Serializable {
private static final long serialVersionUID = -6946320465729853589L;
+ private static final Gson gsonLogger = GsonHelper.getGsonLogger();
long userId;
long accountId;
@@ -56,4 +68,31 @@ public class VmWork implements Serializable {
public String getHandlerName() {
return handlerName;
}
+
+ @Override
+ public String toString() {
+ return gsonLogger.toJson(this);
+ }
+
+ protected String toStringAfterRemoveParams(String paramsObjName,
List<String> params) {
+ String ObjJsonStr = gsonLogger.toJson(this);
+ if (StringUtils.isBlank(ObjJsonStr) ||
StringUtils.isBlank(paramsObjName) || CollectionUtils.isEmpty(params)) {
+ return ObjJsonStr;
+ }
+
+ try {
+ Map<String, Object> ObjMap = new
ObjectMapper().readValue(ObjJsonStr, HashMap.class);
+ if (ObjMap != null && ObjMap.containsKey(paramsObjName)) {
+ for (String param : params) {
+ ((Map<String,
String>)ObjMap.get(paramsObjName)).remove(param);
+ }
+ String resultJson = new
ObjectMapper().writeValueAsString(ObjMap);
+ return resultJson;
+ }
+ } catch (final JsonProcessingException e) {
+ // Ignore json exception
+ }
+
+ return ObjJsonStr;
+ }
}
diff --git
a/engine/components-api/src/main/java/com/cloud/vm/VmWorkJobHandlerProxy.java
b/engine/components-api/src/main/java/com/cloud/vm/VmWorkJobHandlerProxy.java
index ce10a83c7cd..a542da6cf8e 100644
---
a/engine/components-api/src/main/java/com/cloud/vm/VmWorkJobHandlerProxy.java
+++
b/engine/components-api/src/main/java/com/cloud/vm/VmWorkJobHandlerProxy.java
@@ -21,15 +21,13 @@ import java.lang.reflect.Method;
import java.util.HashMap;
import java.util.Map;
-import org.apache.log4j.Logger;
-
-import com.google.gson.Gson;
-
import org.apache.cloudstack.framework.jobs.impl.JobSerializerHelper;
import org.apache.cloudstack.jobs.JobInfo;
+import org.apache.log4j.Logger;
import com.cloud.serializer.GsonHelper;
import com.cloud.utils.Pair;
+import com.google.gson.Gson;
/**
* VmWorkJobHandlerProxy can not be used as standalone due to run-time
@@ -102,12 +100,12 @@ public class VmWorkJobHandlerProxy implements
VmWorkJobHandler {
try {
if (s_logger.isDebugEnabled())
- s_logger.debug("Execute VM work job: " +
work.getClass().getName() + _gsonLogger.toJson(work));
+ s_logger.debug("Execute VM work job: " +
work.getClass().getName() + work);
Object obj = method.invoke(_target, work);
if (s_logger.isDebugEnabled())
- s_logger.debug("Done executing VM work job: " +
work.getClass().getName() + _gsonLogger.toJson(work));
+ s_logger.debug("Done executing VM work job: " +
work.getClass().getName() + work);
assert (obj instanceof Pair);
return (Pair<JobInfo.Status, String>)obj;
diff --git a/engine/orchestration/src/main/java/com/cloud/vm/VmWorkReboot.java
b/engine/orchestration/src/main/java/com/cloud/vm/VmWorkReboot.java
index 6a903b3d781..3813a8dc207 100644
--- a/engine/orchestration/src/main/java/com/cloud/vm/VmWorkReboot.java
+++ b/engine/orchestration/src/main/java/com/cloud/vm/VmWorkReboot.java
@@ -17,7 +17,9 @@
package com.cloud.vm;
import java.io.Serializable;
+import java.util.ArrayList;
import java.util.HashMap;
+import java.util.List;
import java.util.Map;
import org.apache.cloudstack.framework.jobs.impl.JobSerializerHelper;
@@ -62,4 +64,11 @@ public class VmWorkReboot extends VmWork {
}
}
}
+
+ @Override
+ public String toString() {
+ List<String> params = new ArrayList<>();
+ params.add(VirtualMachineProfile.Param.VmPassword.getName());
+ return super.toStringAfterRemoveParams("rawParams", params);
+ }
}
diff --git a/engine/orchestration/src/main/java/com/cloud/vm/VmWorkStart.java
b/engine/orchestration/src/main/java/com/cloud/vm/VmWorkStart.java
index 1b2a7194d17..5a7acdd9edb 100644
--- a/engine/orchestration/src/main/java/com/cloud/vm/VmWorkStart.java
+++ b/engine/orchestration/src/main/java/com/cloud/vm/VmWorkStart.java
@@ -18,7 +18,9 @@
package com.cloud.vm;
import java.io.Serializable;
+import java.util.ArrayList;
import java.util.HashMap;
+import java.util.List;
import java.util.Map;
import org.apache.cloudstack.context.CallContext;
@@ -135,4 +137,11 @@ public class VmWorkStart extends VmWork {
}
}
}
+
+ @Override
+ public String toString() {
+ List<String> params = new ArrayList<>();
+ params.add(VirtualMachineProfile.Param.VmPassword.getName());
+ return super.toStringAfterRemoveParams("rawParams", params);
+ }
}
diff --git
a/engine/orchestration/src/test/java/com/cloud/vm/VmWorkRebootTest.java
b/engine/orchestration/src/test/java/com/cloud/vm/VmWorkRebootTest.java
new file mode 100644
index 00000000000..75ffd94600a
--- /dev/null
+++ b/engine/orchestration/src/test/java/com/cloud/vm/VmWorkRebootTest.java
@@ -0,0 +1,42 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.vm;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.cloudstack.framework.jobs.impl.JobSerializerHelper;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class VmWorkRebootTest {
+
+ @Test
+ public void testToString() {
+ VmWork vmWork = new VmWork(1l, 1l, 1l, "testhandler");
+ Map<VirtualMachineProfile.Param, Object> params = new HashMap<>();
+ String lastHost = "rO0ABXQABHRydWU";
+ String lastHostSerialized =
JobSerializerHelper.toObjectSerializedString(lastHost);
+ params.put(VirtualMachineProfile.Param.ConsiderLastHost, lastHost);
+ params.put(VirtualMachineProfile.Param.VmPassword,
"rO0ABXQADnNhdmVkX3Bhc3N3b3Jk");
+ VmWorkReboot workInfo = new VmWorkReboot(vmWork, params);
+ String expectedVmWorkRebootStr =
"{\"accountId\":1,\"vmId\":1,\"handlerName\":\"testhandler\",\"userId\":1,\"rawParams\":{\"ConsiderLastHost\":\""
+ lastHostSerialized + "\"}}";
+
+ String vmWorkRebootStr = workInfo.toString();
+ Assert.assertEquals(expectedVmWorkRebootStr, vmWorkRebootStr);
+ }
+}
diff --git
a/engine/orchestration/src/test/java/com/cloud/vm/VmWorkStartTest.java
b/engine/orchestration/src/test/java/com/cloud/vm/VmWorkStartTest.java
new file mode 100644
index 00000000000..a0644b1976f
--- /dev/null
+++ b/engine/orchestration/src/test/java/com/cloud/vm/VmWorkStartTest.java
@@ -0,0 +1,57 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.vm;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.cloudstack.framework.jobs.impl.JobSerializerHelper;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class VmWorkStartTest {
+
+ @Test
+ public void testToStringWithParams() {
+ VmWork vmWork = new VmWork(1l, 1l, 1l, "testhandler");
+ VmWorkStart workInfo = new VmWorkStart(vmWork);
+ Map<VirtualMachineProfile.Param, Object> params = new HashMap<>();
+ String lastHost = "rO0ABXQABHRydWU";
+ String lastHostSerialized =
JobSerializerHelper.toObjectSerializedString(lastHost);
+ params.put(VirtualMachineProfile.Param.ConsiderLastHost, lastHost);
+ params.put(VirtualMachineProfile.Param.VmPassword,
"rO0ABXQADnNhdmVkX3Bhc3N3b3Jk");
+ workInfo.setParams(params);
+ String expectedVmWorkStartStr =
"{\"accountId\":1,\"dcId\":0,\"vmId\":1,\"handlerName\":\"testhandler\",\"userId\":1,\"rawParams\":{\"ConsiderLastHost\":\""
+ lastHostSerialized + "\"}}";
+
+ String vmWorkStartStr = workInfo.toString();
+ Assert.assertEquals(expectedVmWorkStartStr, vmWorkStartStr);
+ }
+
+ @Test
+ public void testToStringWithRawParams() {
+ VmWork vmWork = new VmWork(1l, 1l, 1l, "testhandler");
+ VmWorkStart workInfo = new VmWorkStart(vmWork);
+ Map<String, String> rawParams = new HashMap<>();
+ rawParams.put(VirtualMachineProfile.Param.ConsiderLastHost.getName(),
"rO0ABXQABHRydWU");
+ rawParams.put(VirtualMachineProfile.Param.VmPassword.getName(),
"rO0ABXQADnNhdmVkX3Bhc3N3b3Jk");
+ workInfo.setRawParams(rawParams);
+ String expectedVmWorkStartStr =
"{\"accountId\":1,\"dcId\":0,\"vmId\":1,\"handlerName\":\"testhandler\",\"userId\":1,\"rawParams\":{\"ConsiderLastHost\":\"rO0ABXQABHRydWU\"}}";
+
+ String vmWorkStartStr = workInfo.toString();
+ Assert.assertEquals(expectedVmWorkStartStr, vmWorkStartStr);
+ }
+}
