Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(loki.secretfilter): Fix partial masking for short secrets and support multiple allowlists per rule #2320

Merged
merged 17 commits into from
Jan 10, 2025
Merged

fix(loki.secretfilter): Fix partial masking for short secrets and support multiple allowlists per rule #2320

merged 17 commits into from
Jan 10, 2025
+238 −21

Conversation

romain-gaillard
Copy link
Contributor

PR Description

  • Fixes the issue reported in Panic: runtime error utilizing secretfilter component #2288 where the component was crashing when the secret to mask was shorter than the partial_mask value.
  • Adds (partial) support for the new [[rules.allowlists]] format added in Gitleaks v8.21.0
  • Updates the documentation to be clearer on the fact that the component doesn't support all features of the Gitleaks configuration format.

Which issue(s) this PR fixes

Notes to the Reviewer

PR Checklist

  • CHANGELOG.md updated
  • Documentation added
  • Tests updated
  • Config converters updated

@romain-gaillard romain-gaillard requested a review from a team December 31, 2024 12:07
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Dec 31, 2024
edited
Loading

💻 Deploy preview deleted.

@romain-gaillard romain-gaillard self-assigned this Dec 31, 2024
@romain-gaillard romain-gaillard marked this pull request as ready for review January 6, 2025 12:00
mattdurham
mattdurham reviewed Jan 6, 2025
View reviewed changes
internal/component/loki/secretfilter/secretfilter.go Outdated
Regexes []string
}
Rules []struct {
ID string
Description string
Description string // Not used
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are these unused variables still here so the format processes? What is the harm in removing them?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, indeed they could be removed. I initially added them to keep track of features we don't currently support but might in the future.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In that case I would rather remote/comment out the whole line so they cant mistakenly be used.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 I removed it

mostafa
mostafa reviewed Jan 6, 2025
View reviewed changes
Copy link
Member

@mostafa mostafa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

docs/sources/reference/components/loki/loki.secretfilter.md Outdated Show resolved Hide resolved
@clayton-cornell clayton-cornell added the type/docs Docs Squad label across all Grafana Labs repos label Jan 6, 2025
@romain-gaillard
Copy link
Contributor Author

@clayton-cornell @mattdurham
Thank you so much for your comments and suggestions, they should all be implemented.

mattdurham
mattdurham approved these changes Jan 10, 2025
View reviewed changes
Copy link
Collaborator

@mattdurham mattdurham left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mattdurham
Copy link
Collaborator

Will merge once clayton approves.

clayton-cornell
clayton-cornell approved these changes Jan 10, 2025
View reviewed changes
Copy link
Contributor

@clayton-cornell clayton-cornell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM @mattdurham it's good to go

@dehaansa dehaansa merged commit 3a4be44 into main Jan 10, 2025
20 checks passed
@dehaansa dehaansa deleted the secretfilter-fix-partialmasking branch January 10, 2025 20:26
@romain-gaillard romain-gaillard mentioned this pull request Jan 13, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@clayton-cornell clayton-cornell clayton-cornell approved these changes

@mattdurham mattdurham mattdurham approved these changes

@mostafa mostafa mostafa approved these changes

Assignees

@romain-gaillard romain-gaillard

Labels
type/docs Docs Squad label across all Grafana Labs repos
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@romain-gaillard @mattdurham @mostafa @clayton-cornell @dehaansa