Excluded build info JFrog internal keys

jfrog · Dec 14, 2023 · f97cf74 · f97cf74
1 parent cf80faa
commit f97cf74
Show file tree

Hide file tree

Showing 2 changed files with 41 additions and 1 deletion.
diff --git a/...extractor/src/main/java/org/jfrog/build/extractor/packageManager/PackageManagerUtils.java b/...extractor/src/main/java/org/jfrog/build/extractor/packageManager/PackageManagerUtils.java
@@ -5,6 +5,7 @@
 import org.jfrog.build.api.util.Log;
 import org.jfrog.build.extractor.BuildInfoExtractorUtils;
 import org.jfrog.build.extractor.ci.BuildInfo;
+import org.jfrog.build.extractor.ci.BuildInfoConfigProperties;
 import org.jfrog.build.extractor.ci.Module;
 import org.jfrog.build.extractor.clientConfiguration.ArtifactoryClientConfiguration;
 import org.jfrog.build.extractor.clientConfiguration.IncludeExcludePatterns;
@@ -115,7 +116,7 @@ private static void filterExcludeIncludeProperties(IncludeExcludePatterns includ
     private static Properties getExcludeIncludeProperties(IncludeExcludePatterns patterns, Properties properties, Log log) {
         Properties props = new Properties();
         for (Map.Entry<Object, Object> entry : properties.entrySet()) {
-            if (!isExcludedByKey(patterns, entry) && !containsSuspectedSecrets(entry.getValue().toString())) {
+            if (!isExcludedByKey(patterns, entry) && !containsSuspectedSecrets(entry.getValue().toString()) && !isJfrogInternalKey(entry.getKey().toString())) {
                 props.put(entry.getKey(), entry.getValue());
             } else {
                 log.debug("[buildinfo] Property '" + entry.getKey() + "' has been excluded'");
@@ -137,6 +138,12 @@ public static boolean containsSuspectedSecrets(String value) {
                 containsSuspectedSecret(value, accessTokenSecretPrefix, accessTokenSecretMinimalLength);
     }
 
+    public static boolean isJfrogInternalKey(String key) {
+        return key.startsWith(BuildInfoConfigProperties.PROP_PROPS_FILE) ||
+                key.startsWith(BuildInfoConfigProperties.PROP_PROPS_FILE_KEY) ||
+                key.startsWith(BuildInfoConfigProperties.PROP_PROPS_FILE_KEY_IV);
+    }
+
     /**
      * Checks whether the value of a variable contains a suspected secret.
      * Done by searching for a known constant prefix of the secret and verifying the length of the substring is sufficient to include the expected length of the secret.

diff --git a/...actor/src/test/java/org/jfrog/build/extractor/packageManager/PackageManagerUtilsTest.java b/...actor/src/test/java/org/jfrog/build/extractor/packageManager/PackageManagerUtilsTest.java
@@ -14,6 +14,9 @@
 import java.util.Properties;
 
 import static org.jfrog.build.extractor.BuildInfoExtractorUtils.getEnvProperties;
+import static org.jfrog.build.extractor.ci.BuildInfoConfigProperties.PROP_PROPS_FILE;
+import static org.jfrog.build.extractor.ci.BuildInfoConfigProperties.PROP_PROPS_FILE_KEY;
+import static org.jfrog.build.extractor.ci.BuildInfoConfigProperties.PROP_PROPS_FILE_KEY_IV;
 import static org.jfrog.build.extractor.packageManager.PackageManagerUtils.containsSuspectedSecrets;
 import static org.jfrog.build.extractor.packageManager.PackageManagerUtils.filterBuildInfoProperties;
 import static org.testng.Assert.assertEquals;
@@ -103,6 +106,36 @@ public void testExcludePatterns() {
 
     }
 
+    @Test
+    public void testExcludeJfrogInternalKey() {
+        Properties props = new Properties();
+        Properties buildInfoProperties = getEnvProperties(props, new NullLog());
+        Properties moduleProps = new Properties();
+        moduleProps.setProperty(key1, value1);
+        moduleProps.setProperty(PROP_PROPS_FILE_KEY, value1);
+        moduleProps.setProperty(PROP_PROPS_FILE_KEY_IV, value1);
+        moduleProps.setProperty(PROP_PROPS_FILE, value1);
+        Module module = new Module();
+        module.setId("foo");
+        module.setProperties(moduleProps);
+        BuildInfo buildInfo = new BuildInfoBuilder("BUILD_NAME")
+                .number("BUILD_NUMBER")
+                .properties(buildInfoProperties)
+                .startedDate(new Date())
+                .properties(buildInfoProperties)
+                .addModule(module).build();
+
+        filterBuildInfoPropertiesTestHelper(buildInfo);
+
+        // Excluded build info JFrog internal keys
+        assertNull(buildInfo.getProperties().getProperty(PROP_PROPS_FILE), "Should not find '" + PROP_PROPS_FILE + "' property due to exclude JFrog internal key");
+        assertNull(buildInfo.getProperties().getProperty(PROP_PROPS_FILE_KEY_IV), "Should not find '" + PROP_PROPS_FILE_KEY_IV + "' property due to exclude JFrog internal key");
+        assertNull(buildInfo.getProperties().getProperty(PROP_PROPS_FILE_KEY), "Should not find '" + PROP_PROPS_FILE_KEY + "' property due to exclude JFrog internal key");
+
+        // Keep build info property
+        assertEquals(buildInfo.getModule("foo").getProperties().getProperty(key1), value1, key1 + " property does not match");
+    }
+
     @Test
     public void testIncludePatterns() {
         Properties props = new Properties();