Skip to content

Commit 253036c

Browse files
igor-karpukhinfabritsius
authored andcommitted
Do not print credentials for AtlasProject resources (#907)
1 parent f961bc7 commit 253036c

File tree

1 file changed

+35
-0
lines changed

1 file changed

+35
-0
lines changed

pkg/api/v1/atlasproject_types.go

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@ limitations under the License.
1717
package v1
1818

1919
import (
20+
"go.uber.org/zap/zapcore"
2021
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
2122
"sigs.k8s.io/controller-runtime/pkg/client"
2223

@@ -111,6 +112,40 @@ type AtlasProjectSpec struct {
111112
Teams []Team `json:"teams,omitempty"`
112113
}
113114

115+
const hiddenField = "*** redacted ***"
116+
117+
//nolint:errcheck
118+
func (p AtlasProjectSpec) MarshalLogObject(e zapcore.ObjectEncoder) error {
119+
printable := p.DeepCopy()
120+
// cleanup encryption at EncryptionAtRest
121+
if printable.EncryptionAtRest != nil {
122+
printable.EncryptionAtRest.AwsKms.AccessKeyID = hiddenField
123+
printable.EncryptionAtRest.AwsKms.CustomerMasterKeyID = hiddenField
124+
printable.EncryptionAtRest.AwsKms.SecretAccessKey = hiddenField
125+
printable.EncryptionAtRest.AwsKms.RoleID = hiddenField
126+
printable.EncryptionAtRest.AzureKeyVault.Secret = hiddenField
127+
printable.EncryptionAtRest.GoogleCloudKms.ServiceAccountKey = hiddenField
128+
}
129+
130+
// cleanup AlertConfigurations
131+
for i := range printable.AlertConfigurations {
132+
for j := range printable.AlertConfigurations[i].Notifications {
133+
printable.AlertConfigurations[i].Notifications[j].APIToken = hiddenField
134+
printable.AlertConfigurations[i].Notifications[j].DatadogAPIKey = hiddenField
135+
printable.AlertConfigurations[i].Notifications[j].FlowdockAPIToken = hiddenField
136+
printable.AlertConfigurations[i].Notifications[j].DatadogAPIKey = hiddenField
137+
printable.AlertConfigurations[i].Notifications[j].MobileNumber = hiddenField
138+
printable.AlertConfigurations[i].Notifications[j].OpsGenieAPIKey = hiddenField
139+
printable.AlertConfigurations[i].Notifications[j].ServiceKey = hiddenField
140+
printable.AlertConfigurations[i].Notifications[j].VictorOpsAPIKey = hiddenField
141+
printable.AlertConfigurations[i].Notifications[j].VictorOpsRoutingKey = hiddenField
142+
}
143+
}
144+
145+
e.AddReflected("AtlasProjectSpec", printable)
146+
return nil
147+
}
148+
114149
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
115150
// +kubebuilder:object:root=true
116151
// +kubebuilder:printcolumn:name="Name",type=string,JSONPath=`.spec.name`

0 commit comments

Comments
 (0)