Skip to content

Commit 6a277f0

Browse files
djshow832djshow832
authored
sqlreplay: redact the S3 secrets (#743)
1 parent a5bc933 commit 6a277f0

File tree

2 files changed

+31
-2
lines changed

2 files changed

+31
-2
lines changed

pkg/sqlreplay/manager/job.go

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ import (
88
"fmt"
99
"time"
1010

11+
"github.com/pingcap/tidb/pkg/parser/ast"
1112
"github.com/pingcap/tiproxy/pkg/sqlreplay/capture"
1213
"github.com/pingcap/tiproxy/pkg/sqlreplay/replay"
1314
"github.com/siddontang/go/hack"
@@ -96,7 +97,7 @@ func (job *captureJob) Type() JobType {
9697
func (job *captureJob) MarshalJSON() ([]byte, error) {
9798
job4Marshal := job.getJob4Marshal()
9899
job4Marshal.Type = "capture"
99-
job4Marshal.Output = job.cfg.Output
100+
job4Marshal.Output = ast.RedactURL(job.cfg.Output)
100101
job4Marshal.Duration = job.cfg.Duration.String()
101102
return json.Marshal(job4Marshal)
102103
}
@@ -123,7 +124,7 @@ func (job *replayJob) Type() JobType {
123124
func (job *replayJob) MarshalJSON() ([]byte, error) {
124125
job4Marshal := job.getJob4Marshal()
125126
job4Marshal.Type = "replay"
126-
job4Marshal.Input = job.cfg.Input
127+
job4Marshal.Input = ast.RedactURL(job.cfg.Input)
127128
job4Marshal.Username = job.cfg.Username
128129
job4Marshal.Speed = job.cfg.Speed
129130
if job4Marshal.Speed == 0 {

pkg/sqlreplay/manager/job_test.go

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -129,6 +129,21 @@ func TestMarshalJob(t *testing.T) {
129129
},
130130
marshal: `{"type":"capture","status":"canceled","start_time":"2020-01-01T00:00:00Z","end_time":"2020-01-01T02:01:01Z","duration":"2h0m0s","output":"/tmp/traffic","progress":"50%","error":"mock error"}`,
131131
},
132+
{
133+
job: &captureJob{
134+
job: job{
135+
startTime: startTime,
136+
endTime: endTime,
137+
progress: 0.5,
138+
done: true,
139+
},
140+
cfg: capture.CaptureConfig{
141+
Output: "s3://bucket/prefix?access-key=abcdefghi&secret-access-key=123&force-path-style=true",
142+
Duration: 2 * time.Hour,
143+
},
144+
},
145+
marshal: `{"type":"capture","status":"done","start_time":"2020-01-01T00:00:00Z","end_time":"2020-01-01T02:01:01Z","duration":"2h0m0s","output":"s3://bucket/prefix?access-key=xxxxxx\u0026force-path-style=true\u0026secret-access-key=xxxxxx","progress":"50%"}`,
146+
},
132147
{
133148
job: &replayJob{
134149
job: job{
@@ -158,6 +173,19 @@ func TestMarshalJob(t *testing.T) {
158173
},
159174
marshal: `{"type":"replay","status":"done","start_time":"2020-01-01T00:00:00Z","end_time":"2020-01-01T02:01:01Z","input":"/tmp/traffic","username":"root","speed":0.5,"progress":"100%"}`,
160175
},
176+
{
177+
job: &replayJob{
178+
job: job{
179+
startTime: startTime,
180+
progress: 0,
181+
},
182+
cfg: replay.ReplayConfig{
183+
Input: "s3://bucket/prefix?access-key=abcdefghi&secret-access-key=123&force-path-style=true",
184+
Username: "root",
185+
},
186+
},
187+
marshal: `{"type":"replay","status":"running","start_time":"2020-01-01T00:00:00Z","input":"s3://bucket/prefix?access-key=xxxxxx\u0026force-path-style=true\u0026secret-access-key=xxxxxx","username":"root","speed":1,"progress":"0%"}`,
188+
},
161189
}
162190

163191
for i, test := range tests {

0 commit comments

Comments
 (0)