Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed clear-text logging of all password-like properties in API/HMC log #1714

Merged
merged 2 commits into from
Nov 28, 2024
Merged

Fixed clear-text logging of all password-like properties in API/HMC log #1714

merged 2 commits into from
Nov 28, 2024

Conversation

andy-maier
Copy link
Member

@andy-maier andy-maier commented Nov 28, 2024
edited
Loading

For details, see the commit message.

Tested in addition, using this version of zhmcclient:

  • with "make end2end" against A218 - raises the same failures as with master branch
  • with "make test" in zhmccli repo - passed without issues
  • with "make test" in zhmc-ansible-modules repo - passed without issues

@andy-maier andy-maier self-assigned this Nov 28, 2024
@andy-maier andy-maier added this to the 1.19.0 milestone Nov 28, 2024
@coveralls
Copy link
Collaborator

coveralls commented Nov 28, 2024
edited
Loading

Coverage Status

coverage: 82.472% (+0.02%) from 82.453%
when pulling 5958432 on andy/fix-ssc-master-pw
into f594a77 on master.

@andy-maier andy-maier force-pushed the andy/fix-ssc-master-pw branch 4 times, most recently from b88441d to f2d096e Compare November 28, 2024 12:03
@andy-maier andy-maier changed the title Fixed clear-text logging of passwords in Partition/User create/update Fixed clear-text logging of all password-like properties in API/HMC log Nov 28, 2024
@andy-maier
Fixed clear-text logging of all password-like properties in API/HMC log
a269ab8 
Details:

* Reworked the @logged_api_call decorator to get optional parameters
  for specifying properties ot be blanked out in the API logging.
  This required significant reimplementation of that decorator and
  the functions it calls.

* Fixed the clear-text logging of all password-like properties in the API
  logging by using this new capability of the @logged_api_call decorator.

* Fixed the clear-text logging of all password-like properties in the HMC
  logging by blanking them out in the Session.post() method.

* Added unit test cases for the blanked-out API logging, in the
  test_logging.py module.

* Added unit test cases for the blanked-out API logging, in all test
  modules for those resources that have blanked-out properties.

* Improved the checking in the unit test cases for API logging, to check
  the function name, args, kwargs and return value in the log messages.

Signed-off-by: Andreas Maier <[email protected]>
@andy-maier andy-maier mentioned this pull request Nov 28, 2024
Merged
@andy-maier andy-maier merged commit b77a934 into master Nov 28, 2024
14 checks passed
@andy-maier andy-maier deleted the andy/fix-ssc-master-pw branch November 28, 2024 14:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@EdGue42 EdGue42 EdGue42 approved these changes

@simon-spinner simon-spinner simon-spinner approved these changes

Assignees

@andy-maier andy-maier

Labels
rollback done
Projects
None yet
Milestone
1.19.0
Development

Successfully merging this pull request may close these issues.
4 participants
@andy-maier @coveralls @simon-spinner @EdGue42