server: fix over redacted log line in migration server #137915
Conversation
![blathers[crl]](https://avatars.githubusercontent.com/in/59700?s=40&u=373d9101a12edc3847d2fb6ae78e3adcfb4ca41e&v=4){kind=avatar}
|
It looks like your PR touches production code but doesn't add or edit any test code. Did you consider adding tests to your PR? 🦉 Hoot! I am a Blathers, a bot for CockroachDB. My owner is dev-inf. |
|
This change is |
There was a problem hiding this comment.
Reviewable status:
complete! 0 of 0 LGTMs obtained (waiting on @aa-joshi)
pkg/server/migration.go line 147 at r1 (raw file):
} log.Infof(ctx, "active cluster version setting is now %s (up from %s)", redact.Safe(newCV.PrettyPrint()), redact.Safe(prevCV.PrettyPrint()))
I think we can directly pass newCV and prevCV without Safe or PrettyPrint. Because the underlying type implements SafeFormatter
It was getting redacted because PrettyPrint() returns string
There was a problem hiding this comment.
Reviewable status:
pkg/server/migration.go line 147 at r1 (raw file):
Previously, arjunmahishi (Arjun Mahishi) wrote…
I think we can directly pass
newCVandprevCVwithoutSafeorPrettyPrint. Because the underlying type implementsSafeFormatterIt was getting redacted because
PrettyPrint()returnsstring
I believe we need to wrap in PrettyPrint because it has formatting logic based on v.IsFence()
ref:
cockroach/pkg/roachpb/version.go
Line 115 in ac3c5f2
|
Previously, aa-joshi (Akshay Joshi) wrote…
Then I think we can change PrettyPrint and make it return |
aa-joshi
force-pushed
the
CRDB-44885_handle_log_redactions
branch
from
430dd79 to
b8f2695
Compare
aa-joshi
changed the title
There was a problem hiding this comment.
Reviewable status:
pkg/server/migration.go line 147 at r1 (raw file):
Previously, arjunmahishi (Arjun Mahishi) wrote…
Then I think we can change PrettyPrint and make it return
redact.RedactableString
I think it's only being used for logging anyway.
PrettyPrint is invoked at multiple flows. Changing return type would increase changes significantly. As part of the task, we want to keep changes minimal so that we can backport. Let's use SafeString here.
pkg/server/auto_upgrade.go line 52 at r1 (raw file):
clusterVersion, err := s.clusterVersion(ctx) if err != nil { log.Errorf(ctx, "unable to retrieve cluster version: %v", redact.Safe(err))
I have reverted log redaction changes for errors as we have decided to build a standard framework for it.
There was a problem hiding this comment.
Reviewable status:
pkg/server/migration.go line 147 at r1 (raw file):
Previously, aa-joshi (Akshay Joshi) wrote…
PrettyPrint is invoked at multiple flows. Changing return type would increase changes significantly. As part of the task, we want to keep changes minimal so that we can backport. Let's use
SafeStringhere.
That change does not significantly change any of the non-test call sites. I wrote up a quick PR here to show it: #138353
IMO we should change PrettyPrint to return a RedactableString rather than using SafeString here.
There was a problem hiding this comment.
Reviewed 2 of 2 files at r2, all commit messages.
Reviewable status:
Previosuly, few log lines were getting redacted assuming that it contains sensitive information. Support team was facing challenges during dignostics. To address this, this patch address the log line in migration server which was overly redacted. Epic: CRDB-37533 Part of: CRDB-44885 Release note: None
aa-joshi
force-pushed
the
CRDB-44885_handle_log_redactions
branch
from
b8f2695 to
4570e95
Compare
There was a problem hiding this comment.
Reviewable status:
pkg/server/migration.go line 147 at r1 (raw file):
Previously, rafiss (Rafi Shamim) wrote…
That change does not significantly change any of the non-test call sites. I wrote up a quick PR here to show it: #138353
IMO we should change PrettyPrint to return a RedactableString rather than using SafeString here.
Thanks for the review! updated.
There was a problem hiding this comment.
Reviewable status:
pkg/clusterversion/cockroach_versions_test.go line 150 at r3 (raw file):
} for _, test := range tests { if actual := test.cv.PrettyPrint().StripMarkers(); actual != test.exp {
We should not be getting any redaction markers if the redaction is handled correctly. If we are just using StripMarkers to resolve the type to string, we can just convert the type of exp to redact.RedactableString on line 141.
Removing StripMarkers will ensure that the test asserts the output of PrettyPrint is not redacted.
There was a problem hiding this comment.
nice fix!
Reviewable status:
pkg/clusterversion/cockroach_versions_test.go line 150 at r3 (raw file):
Previously, arjunmahishi (Arjun Mahishi) wrote…
We should not be getting any redaction markers if the redaction is handled correctly. If we are just using
StripMarkersto resolve the type to string, we can just convert the type ofexptoredact.RedactableStringon line 141.Removing
StripMarkerswill ensure that the test asserts the output ofPrettyPrintis not redacted.
in tests, there's no strong reason to use redacted strings. IMO, it's ok to use StripMarkers here. however, it's also true that changing the type of exp should fix it and is also a simple change. i'd be fine either way,
rafiss
added
backport-23.2.x
|
TFTR |
|
Encountered an error creating backports. Some common things that can go wrong:
You might need to create your backport manually using the backport tool. error creating merge commit from 4570e95 to blathers/backport-release-23.2-137915: POST https://api.github.com/repos/cockroachdb/cockroach/merges: 409 Merge conflict [] you may need to manually resolve merge conflicts with the backport tool. Backport to branch 23.2.x failed. See errors above. 🦉 Hoot! I am a Blathers, a bot for CockroachDB. My owner is dev-inf. |
Previosuly, few log lines were getting redacted assuming that it contains
sensitive information. Support team was facing challenges during dignostics. To
address this, this patch address the log line in migration server which was
overly redacted.
Epic: CRDB-37533
Part of: CRDB-44885
Release note: None