Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

redact sensitive data #3

Merged
merged 9 commits into from
Sep 13, 2023
Merged

redact sensitive data #3

merged 9 commits into from
Sep 13, 2023

Conversation

effoeffi
Copy link
Contributor

No description provided.

PhilippHeuer
PhilippHeuer reviewed Sep 11, 2023
View reviewed changes
client/client.go
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unrelated to this change, but func send(url string, t *model.Telemetry) error is not checking for proxy settings (http_proxy / https_proxy env) which is required for outgoing traffic in many corporate networks - this might make oasdiff feel slow while waiting for the timeout on each run.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great point, thanks for that! I'll create a new pull request for that.
BTW the telemetry logic in oasdiff runs as a separate go-routine with a timeout.

client/client.go Outdated Show resolved Hide resolved
client/client.go Outdated
Comment on lines 43 to 57

func redactFlags(telemetry *model.Telemetry) *model.Telemetry {

for key := range telemetry.Flags {
if key == "err-ignore" ||
key == "warn-ignore" ||
key == "match-path" ||
key == "prefix-base" ||
key == "prefix-revision" ||
key == "strip-prefix-base" ||
key == "strip-prefix-revision" ||
key == "filter-extension" {
telemetry.Flags[key] = ""
}
}
Copy link
Collaborator

@PhilippHeuer PhilippHeuer Sep 11, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The list of flags looks good to me. I would suggest passing the ignoreFlags to the telemetry client from the oasdiff cli when setting up the telemetry client - this makes it easier to maintain when adding or removing cli flags in the future as this is easy to miss without references in the main repo.

In that case this ignoreFlags list would move into oasdiff when telemetry is updated.

--

If you want to keep everything in the telemetry repo, a possible alternative could be to invert it and define the relevantFlags (instead of ignoreFlags ) in here, that way there is less risk when adding new flags.

Suggested change
func redactFlags(telemetry *model.Telemetry) *model.Telemetry {
for key := range telemetry.Flags {
if key == "err-ignore" ||
key == "warn-ignore" ||
key == "match-path" ||
key == "prefix-base" ||
key == "prefix-revision" ||
key == "strip-prefix-base" ||
key == "strip-prefix-revision" ||
key == "filter-extension" {
telemetry.Flags[key] = ""
}
}
var ignoreFlags = []string{
"err-ignore",
"warn-ignore",
"match-path",
"prefix-base",
"prefix-revision",
"strip-prefix-base",
"strip-prefix-revision",
"filter-extension",
}
func redactFlags(telemetry *model.Telemetry) *model.Telemetry {
for _, key := range ignoreFlags {
if _, exists := telemetry.Flags[key]; exists {
telemetry.Flags[key] = ""
}
}

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done, see: config collector with ignore-flags

client/client.go
Comment on lines +81 to +102
func getWebCategory(name string) string {

if isSwaggerHub(name) {
return "swaggerhub"
} else if isGitHub(name) {
return "github"
} else if isGCS(name) {
return "gcs"
} else if isS3(name) {
return "s3"
} else if isAzure(name) {
return "azure"
} else if isHeroku(name) {
return "heroku"
} else if strings.HasPrefix(name, "https://") {
return "https"
} else if strings.HasPrefix(name, "http://") {
return "http"
}

return ""
}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think file, swaggerhub and http/https would suffice for the source.

If other protocols like S3 / FTP, ... are supported those could also be added.

Copy link
Contributor Author

@effoeffi effoeffi Sep 12, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you mean by supported?
I'm working with GCS for storing OAS

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think of file and http/https as supported protocols and swaggerhub as special case of interest.

I don't see how knowing what hosters are used (azure/heroku/...) is useful to oasdiff and therefore merge all of them into http/https. If you think that this information is useful keeping it would be ok as well - the important part was removing the full url.

With supported protocols i mean cases that are not a plain http requests, to give an example for s3:
Imagine oasdiff accepting a argument like s3://<bucket-name>.s3.amazonaws.com/specs to compare all files in a local directory with all files in a bucket in composed mode.

@effoeffi effoeffi merged commit 9115e5f into main Sep 13, 2023
@effoeffi effoeffi deleted the redact branch September 13, 2023 05:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@reuvenharrison reuvenharrison Awaiting requested review from reuvenharrison

@PhilippHeuer PhilippHeuer Awaiting requested review from PhilippHeuer

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@effoeffi @PhilippHeuer