API message logging should have field blacklist
Bug #1500298 reported by
Tim Penhey
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Canonical Juju |
Expired
|
Low
|
Unassigned | ||
Bug Description
The logging of the API calls are extremely useful for development, and in debugging production issues.
However we do not want the logging of "secret" values on in production environments, but we would still like a way to see things during development.
Here is a proposal:
Add a feature flag for detailed logging of api calls. This would show all the details of the call if this developer flag is on.
If the flag is off, the serialized JSON is passed through a sanitizer that looks through the nested dictionaries for any key that matches either the provider secret, or any key Juju uses internally to represent a password.
| Changed in juju-core: | |
| milestone: | none → 1.26-alpha1 |
| no longer affects: | juju-core/1.25 |
| Changed in juju-core: | |
| milestone: | 1.26-alpha1 → 1.26-alpha2 |
| Changed in juju-core: | |
| milestone: | 1.26-alpha2 → 1.26.0 |
| Changed in juju-core: | |
| milestone: | 1.26.0 → 2.0-beta1 |
| Changed in juju-core: | |
| milestone: | 2.0-beta1 → 2.0-beta2 |
| Changed in juju-core: | |
| milestone: | 2.0-beta2 → 2.0-beta3 |
| Changed in juju-core: | |
| milestone: | 2.0-beta3 → 2.0-beta4 |
| Changed in juju-core: | |
| milestone: | 2.0-beta4 → 2.1.0 |
| affects: | juju-core → juju |
| Changed in juju: | |
| milestone: | 2.1.0 → none |
| milestone: | none → 2.1.0 |
Revision history for this message
| Anastasia (anastasia-macmood) wrote | #1 |
| Changed in juju: | |
| importance: | High → Low |
| milestone: | 2.1.0 → none |
Revision history for this message
| Canonical Juju QA Bot (juju-qa-bot) wrote | #2 |
| Changed in juju: | |
| status: | Triaged → Expired |
| tags: | added: expirebugs-bot |
To post a comment you must log in.
As this is a tech-debt item, I am lowering its priority and removing from the milestone.