...
1 package snapshot
2
3 import (
4 "github.com/datawire/ambassador/v2/pkg/kates"
5 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
6 )
7
8
9
10
11
12
13
14
15 func (s *Snapshot) Sanitize() error {
16 var err error
17 if s.Kubernetes != nil {
18 if err = s.Kubernetes.Sanitize(); err != nil {
19 return err
20 }
21 }
22
23
24
25 if len(s.Invalid) > 0 {
26 scrubbedInvalid := []*kates.Unstructured{}
27 for _, invalid := range s.Invalid {
28 scrubbed := kates.NewUnstructured(invalid.GetKind(), invalid.GetAPIVersion())
29 scrubbed.SetName(invalid.GetName())
30 scrubbed.SetNamespace(invalid.GetNamespace())
31 invalidErrs, hasErrors := invalid.Object["errors"]
32 if hasErrors {
33 rawContent := scrubbed.UnstructuredContent()
34 rawContent["errors"] = invalidErrs
35 scrubbed.SetUnstructuredContent(rawContent)
36 }
37 scrubbedInvalid = append(scrubbedInvalid, scrubbed)
38 }
39 s.Invalid = scrubbedInvalid
40 }
41 return nil
42 }
43
44 func (ambInputs *KubernetesSnapshot) Sanitize() error {
45
46
47
48
49
50
51 sanitizedSecrets := []*kates.Secret{}
52 for _, secret := range ambInputs.Secrets {
53 sanitizedSecret := &kates.Secret{
54 Type: secret.Type,
55 TypeMeta: secret.TypeMeta,
56 ObjectMeta: metav1.ObjectMeta{
57 Name: secret.ObjectMeta.Name,
58 Namespace: secret.ObjectMeta.Namespace,
59 },
60 Data: map[string][]byte{},
61 }
62 for k := range secret.Data {
63
64
65
66
67
68 sanitizedSecret.Data[k] = []byte(`<REDACTED>`)
69 }
70 sanitizedSecrets = append(sanitizedSecrets, sanitizedSecret)
71 }
72 ambInputs.Secrets = sanitizedSecrets
73
74 return nil
75 }
76
View as plain text