[skywalking] branch master updated: Do not print sensitive properties' values in logs (#11120)

Thu, 20 Jul 2023 07:38:17 -0700 

This is an automated email from the ASF dual-hosted git repository.

wusheng pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/skywalking.git


The following commit(s) were added to refs/heads/master by this push:
     new 1de70adb6c Do not print sensitive properties' values in logs (#11120)
1de70adb6c is described below

commit 1de70adb6ceb912057c9993b59b7fd349454a0ba
Author: kezhenxu94 <[email protected]>
AuthorDate: Thu Jul 20 22:38:05 2023 +0800

    Do not print sensitive properties' values in logs (#11120)
---
 docs/en/changes/changes.md                         |  1 +
 .../starter/config/ApplicationConfigLoader.java    | 45 +++++++++-------------
 2 files changed, 20 insertions(+), 26 deletions(-)

diff --git a/docs/en/changes/changes.md b/docs/en/changes/changes.md
index 09de7230c4..4e447b4d12 100644
--- a/docs/en/changes/changes.md
+++ b/docs/en/changes/changes.md
@@ -50,6 +50,7 @@
 * Apply MQE on Virtual-Cache layer UI-templates
 * Add Echo component ID(5015) language: Golang.
 * Fix `index out of bounds exception` in `aggregate_labels` MQE function.
+* Do not print configurations values in logs to avoid sensitive info leaked.
 * Move created the latest index before retrieval indexes by aliases to avoid 
the 404 exception. This just prevents some interference from manual operations.
 
 #### UI
diff --git 
a/oap-server/server-starter/src/main/java/org/apache/skywalking/oap/server/starter/config/ApplicationConfigLoader.java
 
b/oap-server/server-starter/src/main/java/org/apache/skywalking/oap/server/starter/config/ApplicationConfigLoader.java
index 3bccd303a9..048a169701 100644
--- 
a/oap-server/server-starter/src/main/java/org/apache/skywalking/oap/server/starter/config/ApplicationConfigLoader.java
+++ 
b/oap-server/server-starter/src/main/java/org/apache/skywalking/oap/server/starter/config/ApplicationConfigLoader.java
@@ -18,20 +18,21 @@
 
 package org.apache.skywalking.oap.server.starter.config;
 
-import java.io.FileNotFoundException;
-import java.io.Reader;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.Map;
-import java.util.Properties;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.skywalking.oap.server.library.util.PropertyPlaceholderHelper;
 import 
org.apache.skywalking.oap.server.library.module.ApplicationConfiguration;
 import 
org.apache.skywalking.oap.server.library.module.ProviderNotFoundException;
 import org.apache.skywalking.oap.server.library.util.CollectionUtils;
+import org.apache.skywalking.oap.server.library.util.PropertyPlaceholderHelper;
 import org.apache.skywalking.oap.server.library.util.ResourceUtils;
 import org.yaml.snakeyaml.Yaml;
 
+import java.io.FileNotFoundException;
+import java.io.Reader;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Properties;
+
 /**
  * Initialize collector settings with following sources. Use application.yml 
as primary setting, and fix missing setting
  * by default settings in application-default.yml.
@@ -76,7 +77,7 @@ public class ApplicationConfigLoader implements 
ConfigLoader<ApplicationConfigur
                                 propertiesConfig.forEach((propertyName, 
propertyValue) -> {
                                     if (propertyValue instanceof Map) {
                                         Properties subProperties = new 
Properties();
-                                        ((Map) propertyValue).forEach((key, 
value) -> {
+                                        ((Map<String, ?>) 
propertyValue).forEach((key, value) -> {
                                             subProperties.put(key, value);
                                             replacePropertyAndLog(key, value, 
subProperties, providerName);
                                         });
@@ -102,26 +103,18 @@ public class ApplicationConfigLoader implements 
ConfigLoader<ApplicationConfigur
         }
     }
 
-    private void replacePropertyAndLog(final Object propertyName, final Object 
propertyValue, final Properties target,
+    private void replacePropertyAndLog(final String propertyName, final Object 
propertyValue, final Properties target,
                                        final Object providerName) {
         final String valueString = PropertyPlaceholderHelper.INSTANCE
-            .replacePlaceholders(propertyValue + "", target);
-        if (valueString != null) {
-            if (valueString.trim().length() == 0) {
-                target.replace(propertyName, valueString);
-                log.info("Provider={} config={} has been set as an empty 
string", providerName, propertyName);
-            } else {
-                // Use YAML to do data type conversion.
-                final Object replaceValue = convertValueString(valueString);
-                if (replaceValue != null) {
-                    target.replace(propertyName, replaceValue);
-                    log.info(
-                        "Provider={} config={} has been set as {}",
-                        providerName,
-                        propertyName,
-                        replaceValue.toString()
-                    );
-                }
+            .replacePlaceholders(String.valueOf(propertyValue), target);
+        if (valueString.trim().length() == 0) {
+            target.replace(propertyName, valueString);
+            log.info("Provider={} config={} has been set as an empty string", 
providerName, propertyName);
+        } else {
+            // Use YAML to do data type conversion.
+            final Object replaceValue = convertValueString(valueString);
+            if (replaceValue != null) {
+                target.replace(propertyName, replaceValue);
             }
         }
     }

Reply via email to