ipmi: extra log sanitation (apache#10428)

DaanHoogland · dhslove · commit 5e44c34147df · 2025-02-26T12:09:55.000+09:00
diff --git a/plugins/outofbandmanagement-drivers/ipmitool/src/main/java/org/apache/cloudstack/outofbandmanagement/driver/ipmitool/IpmitoolOutOfBandManagementDriver.java b/plugins/outofbandmanagement-drivers/ipmitool/src/main/java/org/apache/cloudstack/outofbandmanagement/driver/ipmitool/IpmitoolOutOfBandManagementDriver.java
@@ -45,13 +45,13 @@ public final class IpmitoolOutOfBandManagementDriver extends AdapterBase impleme
     private final ExecutorService ipmitoolExecutor = Executors.newFixedThreadPool(OutOfBandManagementService.SyncThreadPoolSize.value(), new NamedThreadFactory("IpmiToolDriver"));
     private final IpmitoolWrapper IPMITOOL = new IpmitoolWrapper(ipmitoolExecutor);
 
-    public final ConfigKey<String> IpmiToolPath = new ConfigKey<String>("Advanced", String.class, "outofbandmanagement.ipmitool.path", "/usr/bin/ipmitool",
+    public final ConfigKey<String> IpmiToolPath = new ConfigKey<>("Advanced", String.class, "outofbandmanagement.ipmitool.path", "/usr/bin/ipmitool",
             "The out of band management ipmitool path used by the IpmiTool driver. Default: /usr/bin/ipmitool.", true, ConfigKey.Scope.Global);
 
-    public final ConfigKey<String> IpmiToolInterface = new ConfigKey<String>("Advanced", String.class, "outofbandmanagement.ipmitool.interface", "lanplus",
+    public final ConfigKey<String> IpmiToolInterface = new ConfigKey<>("Advanced", String.class, "outofbandmanagement.ipmitool.interface", "lanplus",
             "The out of band management IpmiTool driver interface to use. Default: lanplus. Valid values are: lan, lanplus, open etc.", true, ConfigKey.Scope.Global);
 
-    public final ConfigKey<String> IpmiToolRetries = new ConfigKey<String>("Advanced", String.class, "outofbandmanagement.ipmitool.retries", "1",
+    public final ConfigKey<String> IpmiToolRetries = new ConfigKey<>("Advanced", String.class, "outofbandmanagement.ipmitool.retries", "1",
             "The out of band management IpmiTool driver retries option -R. Default 1.", true, ConfigKey.Scope.Global);
 
     private String getIpmiUserId(ImmutableMap<OutOfBandManagement.Option, String> options, final Duration timeOut) {
@@ -120,7 +120,7 @@ private OutOfBandManagementDriverResponse execute(final OutOfBandManagementDrive
 
         final OutOfBandManagementDriverResponse response = IPMITOOL.executeCommands(ipmiToolCommands, cmd.getTimeout());
 
-        String oneLineCommand = StringUtils.join(ipmiToolCommands, " ");
+        String oneLineCommand = StringUtils.join(IPMITOOL.getSanatisedCommandStrings(ipmiToolCommands), " ");
         String result = response.getResult().trim();
 
         if (response.isSuccess()) {
diff --git a/plugins/outofbandmanagement-drivers/ipmitool/src/main/java/org/apache/cloudstack/outofbandmanagement/driver/ipmitool/IpmitoolWrapper.java b/plugins/outofbandmanagement-drivers/ipmitool/src/main/java/org/apache/cloudstack/outofbandmanagement/driver/ipmitool/IpmitoolWrapper.java
@@ -27,6 +27,7 @@
 import org.apache.cloudstack.utils.process.ProcessRunner;
 import org.apache.logging.log4j.Logger;
 import org.apache.logging.log4j.LogManager;
+
 import org.joda.time.Duration;
 
 import java.util.ArrayList;
@@ -157,25 +158,32 @@ public OutOfBandManagementDriverResponse executeCommands(final List<String> comm
     public OutOfBandManagementDriverResponse executeCommands(final List<String> commands, final Duration timeOut) {
         final ProcessResult result = RUNNER.executeCommands(commands, timeOut);
         if (logger.isTraceEnabled()) {
-            List<String> cleanedCommands = new ArrayList<String>();
-            int maskNextCommand = 0;
-            for (String command : commands) {
-                if (maskNextCommand > 0) {
-                    cleanedCommands.add("**** ");
-                    maskNextCommand--;
-                    continue;
-                }
-                if (command.equalsIgnoreCase("-P")) {
-                    maskNextCommand = 1;
-                } else if (command.toLowerCase().endsWith("password")) {
-                    maskNextCommand = 2;
-                }
-                cleanedCommands.add(command);
-            }
-            logger.trace("Executed ipmitool process with commands: " + StringUtils.join(cleanedCommands, ", ") +
-                      "\nIpmitool execution standard output: " + result.getStdOutput() +
-                      "\nIpmitool execution error output: " + result.getStdError());
+            List<String> cleanedCommands = getSanatisedCommandStrings(commands);
+            logger.trace("Executed ipmitool process with commands: {}\nIpmitool execution standard output: {}\nIpmitool execution error output: {}",
+                    StringUtils.join(cleanedCommands, ", "),
+                    result.getStdOutput(),
+                    result.getStdError());
         }
         return new OutOfBandManagementDriverResponse(result.getStdOutput(), result.getStdError(), result.isSuccess());
     }
+
+    @NotNull
+    List<String> getSanatisedCommandStrings(List<String> commands) {
+        List<String> cleanedCommands = new ArrayList<String>();
+        int maskNextCommand = 0;
+        for (String command : commands) {
+            if (maskNextCommand > 0) {
+                cleanedCommands.add("**** ");
+                maskNextCommand--;
+                continue;
+            }
+            if (command.equalsIgnoreCase("-P")) {
+                maskNextCommand = 1;
+            } else if (command.toLowerCase().endsWith("password")) {
+                maskNextCommand = 2;
+            }
+            cleanedCommands.add(command);
+        }
+        return cleanedCommands;
+    }
 }
