From b2ae4b36daadabe812c0c12dd6f5a6f014ed9e17 Mon Sep 17 00:00:00 2001 From: Marcel Moura <5615598+marcelstanley@users.noreply.github.com> Date: Tue, 6 Aug 2024 18:52:53 -0300 Subject: [PATCH] fix(config): redact redis endpoint --- CHANGELOG.md | 1 + internal/node/config/config.go | 4 ++-- internal/node/config/config_test.go | 8 ++++++++ internal/node/services.go | 2 +- 4 files changed, 12 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 896f6cf3f..a0b0c1a04 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Changed - Disabled the `authority-claimer` when `CARTESI_EXPERIMENTAL_SUNODO_VALIDATOR_ENABLED` is set to `true`. +- Redacted the contents of `CARTESI_EXPERIMENTAL_SUNODO_VALIDATOR_REDIS_ENDPOINT`. ## [1.5.0] 2024-07-22 diff --git a/internal/node/config/config.go b/internal/node/config/config.go index f32a744b3..1331e8997 100644 --- a/internal/node/config/config.go +++ b/internal/node/config/config.go @@ -36,7 +36,7 @@ type NodeConfig struct { FeatureDisableMachineHashCheck bool ExperimentalServerManagerBypassLog bool ExperimentalSunodoValidatorEnabled bool - ExperimentalSunodoValidatorRedisEndpoint string + ExperimentalSunodoValidatorRedisEndpoint Redacted[string] Auth Auth } @@ -99,7 +99,7 @@ func FromEnv() NodeConfig { config.ExperimentalSunodoValidatorEnabled = getExperimentalSunodoValidatorEnabled() if config.ExperimentalSunodoValidatorEnabled { config.ExperimentalSunodoValidatorRedisEndpoint = - getExperimentalSunodoValidatorRedisEndpoint() + Redacted[string]{getExperimentalSunodoValidatorRedisEndpoint()} config.FeatureDisableClaimer = true } if !config.FeatureDisableClaimer && !getExperimentalSunodoValidatorEnabled() { diff --git a/internal/node/config/config_test.go b/internal/node/config/config_test.go index b1c95e08b..eaeb88899 100644 --- a/internal/node/config/config_test.go +++ b/internal/node/config/config_test.go @@ -43,3 +43,11 @@ func (s *ConfigTestSuite) TestAuthIsNotSetWhenClaimerIsDisabled() { c := FromEnv() assert.Nil(s.T(), c.Auth) } + +func (s *ConfigTestSuite) TestExperimentalSunodoValidatorRedisEndpointIsRedacted() { + os.Setenv("CARTESI_EXPERIMENTAL_SUNODO_VALIDATOR_ENABLED", "true") + os.Setenv("CARTESI_EXPERIMENTAL_SUNODO_VALIDATOR_REDIS_ENDPOINT", + "redis://username:p@ssw0rd@hostname:9999") + c := FromEnv() + assert.Equal(s.T(), "[REDACTED]", c.ExperimentalSunodoValidatorRedisEndpoint.String()) +} diff --git a/internal/node/services.go b/internal/node/services.go index 892c3db16..bf60efd51 100644 --- a/internal/node/services.go +++ b/internal/node/services.go @@ -45,7 +45,7 @@ func getPort(c config.NodeConfig, offset portOffset) int { // Get the redis endpoint based on whether the experimental sunodo validator mode is enabled. func getRedisEndpoint(c config.NodeConfig) string { if c.ExperimentalSunodoValidatorEnabled { - return c.ExperimentalSunodoValidatorRedisEndpoint + return c.ExperimentalSunodoValidatorRedisEndpoint.Value } else { return fmt.Sprintf("redis://%v:%v", localhost, getPort(c, portOffsetRedis)) }