Skip to content

[Misc] Redact ray runtime env before logging #26302

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

[Misc] Redact ray runtime env before logging #26302

wants to merge 4 commits into from
+7 −1

Conversation

ruisearch42
Copy link
Collaborator

@ruisearch42 ruisearch42 commented Oct 6, 2025
edited by github-actions bot
Loading

Purpose

Avoid logging sensitive env vars: https://github.com/vllm-project/vllm/pull/22040/files#r2404671920

Test Plan

Test Result

Essential Elements of an Effective PR Description Checklist
  • The purpose of the PR, such as "Fix some issue (link existing issues this PR will resolve)".
  • The test plan, such as providing test command.
  • The test results, such as pasting the results comparison before and after, or e2e results
  • (Optional) The necessary documentation update, such as updating supported_models.md and examples for a new model.
  • (Optional) Release notes update. If your change is user facing, please update the release notes draft in the Google Doc.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Oct 6, 2025
View reviewed changes
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces a security enhancement by redacting sensitive environment variables from the Ray runtime environment before they are logged. The implementation correctly creates a sanitized copy of the runtime environment for logging purposes, ensuring that the original configuration remains unmodified for subsequent use. The change is well-contained and effectively addresses the potential for information leakage in logs. The code is clean and correct.

@ruisearch42 ruisearch42 mentioned this pull request Oct 6, 2025
Merged
4 tasks
chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Oct 6, 2025
View reviewed changes
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

@ruisearch42
up
16e6b7f 
Signed-off-by: Rui Qiao <[email protected]>
@ruisearch42
format
fb40e45 
Signed-off-by: Rui Qiao <[email protected]>
@ruisearch42
up
25c5a9c 
Signed-off-by: Rui Qiao <[email protected]>
@ruisearch42 ruisearch42 added the ready ONLY add when PR is ready to merge/full CI is needed label Oct 6, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
ready ONLY add when PR is ready to merge/full CI is needed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@ruisearch42