stackforge-attic/murano-conductor
Code Issues Proposed changes

Sanitize passwords in conductor's logs (more places).

Browse Source 
Change-Id: I4ed416380bfab4a67828e34cc8c1ac5c18d17c96
Fixes: bug MRN-861.
This commit is contained in:
Timur Sufiev 2013-09-03 15:59:47 +04:00
parent 8fc771e980
commit 53ff0d9ac2
3 changed files with 17 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
muranoconductor/app.py
View File

@ -26,8 +26,8 @@ from openstack.common import log as logging
from config import Config
import reporting
from muranocommon.messaging import MqClient, Message
from muranocommon.helpers.token_sanitizer import TokenSanitizer
from muranoconductor import config as cfg
from muranoconductor.helpers import secure_data
import windows_agent
import cloud_formation
@ -35,11 +35,6 @@ import cloud_formation
log = logging.getLogger(__name__)
def secure_task(task):
sanitizer = TokenSanitizer()
return sanitizer.sanitize(task)
class ConductorWorkflowService(service.Service):
def __init__(self):
super(ConductorWorkflowService, self).__init__()
@ -86,7 +81,7 @@ class ConductorWorkflowService(service.Service):
with self.create_rmq_client() as mq:
try:
log.info('Starting processing task {0}: {1}'.format(
message_id, anyjson.dumps(secure_task(task))))
message_id, anyjson.dumps(secure_data(task))))
reporter = reporting.Reporter(mq, message_id, task['id'])
config = Config()
@ -141,7 +136,7 @@ class ConductorWorkflowService(service.Service):
mq.send(message=result_msg, key='task-results')
message.ack()
log.info('Finished processing task {0}. Result = {1}'.format(
message_id, anyjson.dumps(secure_task(task))))
message_id, anyjson.dumps(secure_data(task))))
def cleanup(self, model, reporter):
try:

6
muranoconductor/helpers.py
View File

@ -15,6 +15,7 @@
import deep
import types
from muranocommon.helpers.token_sanitizer import TokenSanitizer
def transform_json(json, mappings):
@ -100,3 +101,8 @@ def str2unicode(obj):
elif isinstance(obj, types.ListType):
return [str2unicode(t) for t in obj]
return obj
def secure_data(data):
sanitizer = TokenSanitizer()
return sanitizer.sanitize(data)

13
muranoconductor/workflow.py
View File

@ -20,6 +20,7 @@ import types
import function_context
import xml_code_engine
from muranoconductor.helpers import secure_data
log = logging.getLogger(__name__)
object_id = id
@ -143,15 +144,16 @@ class Workflow(object):
elif path.startswith('#'):
context_path = ':' + path[1:]
log.debug(
"Setting context variable '{0}' to '{1}'".format(context_path,
body_data))
"Setting context variable '{0}' to '{1}'".format(
*secure_data((context_path, body_data))))
context[context_path] = body_data
return
if target:
data = context[target]
position = path.split('.')
if Workflow._get_path(data, position) != body_data:
log.debug("Setting '{0}' to '{1}'".format(path, body_data))
log.debug("Setting '{0}' to '{1}'".format(
*secure_data((path, body_data))))
Workflow._set_path(data, position, body_data)
context['/hasSideEffects'] = True
@ -159,7 +161,8 @@ class Workflow(object):
data = context['/dataSource']
new_position = Workflow._correct_position(path, context)
if Workflow._get_path(data, new_position) != body_data:
log.debug("Setting '{0}' to '{1}'".format(path, body_data))
log.debug("Setting '{0}' to '{1}'".format(
*secure_data((path, body_data))))
Workflow._set_path(data, new_position, body_data)
context['/hasSideEffects'] = True
@ -229,7 +232,7 @@ class Workflow(object):
context['__dataSource_currentObj'] = cur_obj
context['__dataSource_currentObj_id'] = current_object_id
log.debug("Rule '{0}' with ID = {2} matches on '{1}'"
.format(desc, cur_obj, full_rule_id))
.format(desc, secure_data(cur_obj), full_rule_id))
if current_object_id != '#':
log.debug('Muting {0} in rule {1}'.format(
current_object_id, full_rule_id))