Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Redact dynamic values from logs and report #3543

Open
jcamiel opened this issue Dec 20, 2024 · 7 comments
Open

Redact dynamic values from logs and report #3543

jcamiel opened this issue Dec 20, 2024 · 7 comments
Assignees
Labels
enhancement New feature or request
Milestone

Comments

@jcamiel
Copy link
Collaborator

jcamiel commented Dec 20, 2024

Secrets are being introduced in 6.1.0 and allow to redact known values. We need to have a way to hide values that are not known before execution. We could introduce a redact filter that will make a value secret:

In this sample

GET https://foo.com
HTTP 200
[Captures]
my_secret: header "token" redact

my_secret is a new variable whose value must be redacted from report and logs.

@jcamiel jcamiel added the enhancement New feature or request label Dec 20, 2024
@jcamiel jcamiel added this to the 6.1.0 milestone Dec 20, 2024
@lepapareil
Copy link
Collaborator

lepapareil commented Dec 20, 2024

[Captures] uses variable as his default behavior, we could maybe add this grammar enhancement:

GET https://foo.com
HTTP 200
[Captures]
variable my_var: header "date"

And then:

GET https://foo.com
HTTP 200
[Captures]
secret my_secret: header "token"

@jcamiel
Copy link
Collaborator Author

jcamiel commented Dec 20, 2024

Yes, good alternative also. I find the filter to make less change to the grammar... Also this file, with an existing variable predicate, could be a bit awkward:

GET https://foo.com
HTTP 200
[Captures]
variable foo: jsonpath "$.value"
[Asserts]
variable "foo" == "something"

@jcamiel
Copy link
Collaborator Author

jcamiel commented Dec 20, 2024

Thinking on it, I find a kind of possible way to implement it without changing anything.

Actually, secrets are readonly.

$ hurl --secret token=foo *.hurl is declaring a secret token. You can't reassign token into a variable because the value foo would leak:

GET https://foo.com
HTTP 200
[Captures]
token: header "Secret"

Will trigger a runtime error.

Instead of readonly, let's say secrets are "write-once". This way you can declare a secret without value, and when the secret is assigned for the first time, it gets its value to redact:

$ hurl --secret token=foo *.hurl => token protects the value foo

$ hurl --secret token= *.hurl => token protects the value that will be assigned once. For instance in:

GET https://foo.com
HTTP 200
[Captures]
token: header "Secret"

It's a little hacky but I like that it doesn't need any new syntax. I'm suspecting @fabricereix will not like this solution 👀

@jcamiel
Copy link
Collaborator Author

jcamiel commented Dec 23, 2024

Other solution: make convention on naming. secret in the name automatically makes a variable secret:

GET https://foo.com
HTTP 200
[Captures]
my_secret: header "X-foo"

@lepapareil
Copy link
Collaborator

What about namespace hierarchy using :: :

  • variable by default :
GET https://foo.com
HTTP 200
[Captures]
myvar: header "X-foo"
  • define as variable :
GET https://foo.com
HTTP 200
[Captures]
variable::myvar: header "X-foo"
  • define as secret :
GET https://foo.com
HTTP 200
[Captures]
secret::myvar: header "X-foo"

@lepapareil
Copy link
Collaborator

What about one char identifier :

  • variable by default :
GET https://foo.com
HTTP 200
[Captures]
myvar: header "X-foo"
  • define as variable :
GET https://foo.com
HTTP 200
[Captures]
@myvar: header "X-foo"
  • define as secret :
GET https://foo.com
HTTP 200
[Captures]
#myvar: header "X-foo"

@jcamiel
Copy link
Collaborator Author

jcamiel commented Jan 9, 2025

Final decision from the maintainers => we go with a redact filter that make a value a secret:

GET https://foo.com
HTTP 200
[Captures]
my_secret: header "token" redact

redact is restricted to be followed by another filter:

GET https://foo.com
HTTP 200
[Captures]
my_secret: header "token" redact split "," nth 0

=> will trigger a run time error as it's not clear what is the final secret value

@jcamiel jcamiel self-assigned this Jan 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

2 participants