Use ProviderSdkLogger as the class for awx_log

`Vmdb::Loggers::ProviderSdkLogger` has a log filtering mechanism that prevents authorization tokens from showing up in logs. This is needed to prevent Faraday from logging Authorization request headers which includes the Basic authorization token. CVE-2023-46175
ManageIQ · Nov 17, 2023 · 3e502a3 · 3e502a3
1 parent 47816b6
commit 3e502a3
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/lib/manageiq/providers/awx/engine.rb b/lib/manageiq/providers/awx/engine.rb
@@ -20,7 +20,7 @@ def self.plugin_name
         end
 
         def self.init_loggers
-          $awx_log ||= Vmdb::Loggers.create_logger("awx.log")
+          $awx_log ||= Vmdb::Loggers.create_logger("awx.log", Vmdb::Loggers::ProviderSdkLogger)
         end
 
         def self.apply_logger_config(config)