Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: redact headers, cookies, url params in har file #22595

Merged
merged 3 commits into from
Oct 12, 2023
Merged

fix: redact headers, cookies, url params in har file #22595

merged 3 commits into from
Oct 12, 2023

Conversation

dkwon17
Copy link
Contributor

@dkwon17 dkwon17 commented Oct 10, 2023

What does this PR do?

Extension to the #22526 feature, that redacts auth headers, cookies, and params from har files.

Screenshot/screencast of this PR

What issues does this PR fix or reference?

How to test this PR?

  1. On an OpenShift cluster, install Eclipse Che
  2. Checkout this PR, cd to tests/e2e
  3. Run the following to set the necessary environment variables:
export TS_SELENIUM_BASE_URL=<CHE_URL>
export TS_SELENIUM_OCP_USERNAME=<USERNAME>
export TS_SELENIUM_OCP_PASSWORD=<PASSWORD>
export TS_SELENIUM_VALUE_OPENSHIFT_OAUTH=true
  1. Run npm ci
  2. Apply the following patch to guarantee that one of the smoke tests fail:
git apply <<EOF
diff --git a/tests/e2e/specs/SmokeTest.spec.ts b/tests/e2e/specs/SmokeTest.spec.ts
index 4a5f08bf76..709371a396 100644
--- a/tests/e2e/specs/SmokeTest.spec.ts
+++ b/tests/e2e/specs/SmokeTest.spec.ts
@@ -46,6 +46,7 @@ suite('The SmokeTest userstory', function (): void {
 		test('Check a project folder has been created', async function (): Promise<void> {
 			const projectName: string = FACTORY_TEST_CONSTANTS.TS_SELENIUM_PROJECT_NAME || StringUtil.getProjectNameFromGitUrl(factoryUrl);
 			projectSection = (await new SideBarView().getContent().getSections())[0]; // get the (WORKSPACE) section from the sidebar - contains project content
+			expect(false).to.be.true;
 			expect(await projectSection.findItem(projectName)).not.eqls(undefined);
 		});
 		test('Check the project files was imported', async function (): Promise<void> {
EOF
  1. Run the smoke tests
export USERSTORY=SmokeTest && npm run test
  1. The test should fail and a .har file should be available in tests/e2e/report/<test-name>/
  2. Verify that the har file does not contain authentication headers, cookies, url params

PR Checklist

As the author of this Pull Request I made sure that:

Reviewers

Reviewers, please comment how you tested the PR when approving it.

@che-bot che-bot added status/code-review This issue has a pull request posted for it and is awaiting code review completion by the community. kind/bug Outline of a bug - must adhere to the bug report template. target/branch Indicates that a PR will be merged into a branch other than master. labels Oct 10, 2023
nallikaea
nallikaea approved these changes Oct 11, 2023
View reviewed changes
Copy link
Contributor

@nallikaea nallikaea left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved with small comment

@dkwon17
Remove try catch
8fd653a 
Signed-off-by: David Kwon <[email protected]>
@dkwon17
Remove try catch
420e982 
Signed-off-by: David Kwon <[email protected]>
@nallikaea nallikaea merged commit 9cd8def into eclipse-che:main Oct 12, 2023
3 checks passed
@che-bot che-bot removed the status/code-review This issue has a pull request posted for it and is awaiting code review completion by the community. label Oct 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nallikaea nallikaea nallikaea approved these changes

@musienko-maxim musienko-maxim Awaiting requested review from musienko-maxim musienko-maxim is a code owner

@nickboldt nickboldt Awaiting requested review from nickboldt

@ScrewTSW ScrewTSW Awaiting requested review from ScrewTSW

@dmytro-ndp dmytro-ndp Awaiting requested review from dmytro-ndp dmytro-ndp is a code owner

Assignees
No one assigned
Labels
kind/bug Outline of a bug - must adhere to the bug report template. target/branch Indicates that a PR will be merged into a branch other than master.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dkwon17 @nallikaea @che-bot