File: url_test.go

package info (click to toggle)
gitlab-shell 14.35.0%2Bds1-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 23,652 kB
  • sloc: ruby: 1,129; makefile: 583; sql: 391; sh: 384
file content (138 lines) | stat: -rw-r--r-- 4,345 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
 
package logsanitizer

import (
	"bytes"
	"fmt"
	"io"
	"testing"

	log "github.com/sirupsen/logrus"
	"github.com/stretchr/testify/require"
)

func TestUrlSanitizerHook(t *testing.T) {
	outBuf := &bytes.Buffer{}

	urlSanitizer := NewURLSanitizerHook()
	urlSanitizer.AddPossibleGrpcMethod(
		"UpdateRemoteMirror",
		"CreateRepositoryFromURL",
		"FetchRemote",
	)

	logger := log.New()
	logger.Out = outBuf
	logger.Hooks.Add(urlSanitizer)

	testCases := []struct {
		desc           string
		logFunc        func()
		expectedString string
	}{
		{
			desc: "with args",
			logFunc: func() {
				logger.WithFields(log.Fields{
					"grpc.method": "CreateRepositoryFromURL",
					"args":        []string{"/usr/bin/git", "clone", "--bare", "--", "https://foo_the_user:hUntEr1@gitlab.com/foo/bar", "/home/git/repositories/foo/bar"},
				}).Info("spawn")
			},
			expectedString: "[/usr/bin/git clone --bare -- https://[FILTERED]@gitlab.com/foo/bar /home/git/repositories/foo/bar]",
		},
		{
			desc: "with error",
			logFunc: func() {
				logger.WithFields(log.Fields{
					"grpc.method": "UpdateRemoteMirror",
					"error":       fmt.Errorf("rpc error: code = Unknown desc = remote: Invalid username or password. fatal: Authentication failed for 'https://foo_the_user:hUntEr1@gitlab.com/foo/bar'"),
				}).Error("ERROR")
			},
			expectedString: "rpc error: code = Unknown desc = remote: Invalid username or password. fatal: Authentication failed for 'https://[FILTERED]@gitlab.com/foo/bar'",
		},
		{
			desc: "with message",
			logFunc: func() {
				logger.WithFields(log.Fields{
					"grpc.method": "CreateRepositoryFromURL",
				}).Info("asked for: https://foo_the_user:hUntEr1@gitlab.com/foo/bar")
			},
			expectedString: "asked for: https://[FILTERED]@gitlab.com/foo/bar",
		},
		{
			desc: "with URL without scheme output",
			logFunc: func() {
				logger.WithFields(log.Fields{
					"grpc.method": "FetchRemote",
				}).Info("fatal: unable to look up foo:bar@non-existent.org (port 9418) (nodename nor servname provided, or not known")
			},
			expectedString: "unable to look up [FILTERED]@non-existent.org (port 9418) (nodename nor servname provided, or not known",
		},
		{
			desc: "with gRPC method not added to the list",
			logFunc: func() {
				logger.WithFields(log.Fields{
					"grpc.method": "UserDeleteTag",
				}).Error("fatal: 'https://foo_the_user:hUntEr1@gitlab.com/foo/bar' is not a valid tag name.")
			},
			expectedString: "fatal: 'https://foo_the_user:hUntEr1@gitlab.com/foo/bar' is not a valid tag name.",
		},
		{
			desc: "log with URL that does not require sanitization",
			logFunc: func() {
				logger.WithFields(log.Fields{
					"grpc.method": "CreateRepositoryFromURL",
				}).Info("asked for: https://gitlab.com/gitlab-org/gitaly/v15")
			},
			expectedString: "asked for: https://gitlab.com/gitlab-org/gitaly/v15",
		},
	}

	for _, testCase := range testCases {
		t.Run(testCase.desc, func(t *testing.T) {
			testCase.logFunc()
			logOutput := outBuf.String()

			require.Contains(t, logOutput, testCase.expectedString)
		})
	}
}

func BenchmarkUrlSanitizerWithoutSanitization(b *testing.B) {
	urlSanitizer := NewURLSanitizerHook()

	logger := log.New()
	logger.Out = io.Discard
	logger.Hooks.Add(urlSanitizer)

	benchmarkLogging(b, logger)
}

func BenchmarkUrlSanitizerWithSanitization(b *testing.B) {
	urlSanitizer := NewURLSanitizerHook()
	urlSanitizer.AddPossibleGrpcMethod(
		"UpdateRemoteMirror",
		"CreateRepositoryFromURL",
	)

	logger := log.New()
	logger.Out = io.Discard
	logger.Hooks.Add(urlSanitizer)

	benchmarkLogging(b, logger)
}

func benchmarkLogging(b *testing.B, logger *log.Logger) {
	for n := 0; n < b.N; n++ {
		logger.WithFields(log.Fields{
			"grpc.method": "CreateRepositoryFromURL",
			"args":        []string{"/usr/bin/git", "clone", "--bare", "--", "https://foo_the_user:hUntEr1@gitlab.com/foo/bar", "/home/git/repositories/foo/bar"},
		}).Info("spawn")
		logger.WithFields(log.Fields{
			"grpc.method": "UpdateRemoteMirror",
			"error":       fmt.Errorf("rpc error: code = Unknown desc = remote: Invalid username or password. fatal: Authentication failed for 'https://foo_the_user:hUntEr1@gitlab.com/foo/bar'"),
		}).Error("ERROR")
		logger.WithFields(log.Fields{
			"grpc.method": "CreateRepositoryFromURL",
		}).Info("asked for: https://foo_the_user:hUntEr1@gitlab.com/foo/bar")
	}
}