This repository has been archived by the owner on Dec 8, 2021. It is now read-only.
*: redact log and error messages, add log-redact parameter #538
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
lichunzhu
added
the
status/PTAL
glorv
reviewed
Dec 28, 2020
| @@ -359,7 +359,7 @@ func (be *tidbBackend) WriteRows(ctx context.Context, _ uuid.UUID, tableName str | |||
| _, err := be.db.ExecContext(ctx, insertStmt.String()) | |||
| if err != nil { | |||
| log.L().Error("execute statement failed", zap.String("stmt", insertStmt.String()), | |||
| zap.Array("rows", rows), zap.Error(err)) | |||
| log.ZapRedactArray("rows", rows), zap.Error(err)) | |||
There was a problem hiding this comment.
The stmt should be redacted too since it contains the rawData
glorv
reviewed
Dec 28, 2020
| @@ -44,6 +44,8 @@ type Config struct { | |||
| FileMaxDays int `toml:"max-days" json:"max-days"` | |||
| // Maximum number of old log files to retain. | |||
| FileMaxBackups int `toml:"max-backups" json:"max-backups"` | |||
| // Redact sensitive logs during the whole process | |||
| RedactLog bool `toml:"redact-log" json:"redact-log"` | |||
There was a problem hiding this comment.
We should allow config this field from toml too
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
|
|
||
| package log |
There was a problem hiding this comment.
shall we directly shall the package in br? Since they should be almost the same
There was a problem hiding this comment.
Some functions are not implemented in br's package. Since these two repositories are going to be merged together, I think we can do the refactor at that time to avoid update the dependencies now.
There was a problem hiding this comment.
@overvenus FYI about this task.
|
Please also fix the failed unit test |
|
@glorv PTAL again |
|
LGTM |
ti-srebot
approved these changes
Dec 28, 2020
ti-srebot
added
the
status/LGT2
glorv
added
the
Should Update Docs
|
@lichunzhu please add |
|
updated |
glorv
pushed a commit
that referenced
this pull request
Jan 29, 2021
* add --redact-log parameter and redact sensitive log * remove sensitive info in error
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What problem does this PR solve?
Current
tidb-lightningwill print some sensitive information in log and error messages.What is changed and how it works?
redact-logparameter. When it's set totrue, all sensitive info will be deleted from logs.Check List
Tests
Side effects
Related changes
Release Note