diff options
| author | Sam Thursfield <sam@afuera.me.uk> | 2014-09-19 15:26:36 +0000 |
|---|---|---|
| committer | Sam Thursfield <sam@afuera.me.uk> | 2014-09-19 15:29:44 +0000 |
| commit | ef3a9aa55f70d6c56a6e94be5e15b54decae1a74 (patch) | |
| tree | efa3c8c7c10be3596f0b1ae4531841e4779e7e25 | |
| parent | 359248a35948d2060dba97ef7073c155e3b9c1bb (diff) | |
| download | morph-ef3a9aa55f70d6c56a6e94be5e15b54decae1a74.tar.gz | |
Prevent cliapp from logging env. variables with 'PASSWORD' in their name
The upstream cliapp project is not interested in this functionality
right now.
| -rw-r--r-- | morphlib/app.py | 4 | ||||
| -rw-r--r-- | morphlib/util.py | 11 | ||||
| -rw-r--r-- | morphlib/writeexts.py | 4 |
3 files changed, 19 insertions, 0 deletions
diff --git a/morphlib/app.py b/morphlib/app.py index 25f705f7..48de6aba 100644 --- a/morphlib/app.py +++ b/morphlib/app.py @@ -203,6 +203,10 @@ class Morph(cliapp.Application): self.add_subcommand('help-extensions', self.help_extensions) + def log_config(self): + with morphlib.util.hide_password_environment_variables(os.environ): + cliapp.Application.log_config(self) + def process_args(self, args): self.check_time() diff --git a/morphlib/util.py b/morphlib/util.py index 0d4e25dc..ae1df56a 100644 --- a/morphlib/util.py +++ b/morphlib/util.py @@ -13,6 +13,7 @@ # with this program; if not, write to the Free Software Foundation, Inc., # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +import contextlib import itertools import os import re @@ -210,6 +211,16 @@ def new_repo_caches(app): # pragma: no cover def env_variable_is_password(key): # pragma: no cover return 'PASSWORD' in key +@contextlib.contextmanager +def hide_password_environment_variables(env): # pragma: no cover + is_password = env_variable_is_password + password_env = { k:v for k,v in env.iteritems() if is_password(k) } + for k in password_env: + env[k] = '(value hidden)' + yield + for k, v in password_env.iteritems(): + env[k] = v + def log_environment_changes(app, current_env, previous_env): # pragma: no cover '''Log the differences between two environments to debug log.''' def log_event(key, value, event): diff --git a/morphlib/writeexts.py b/morphlib/writeexts.py index 5102bfdc..0fd0ad7b 100644 --- a/morphlib/writeexts.py +++ b/morphlib/writeexts.py @@ -113,6 +113,10 @@ class WriteExtension(cliapp.Application): logger.addHandler(handler) logger.setLevel(logging.DEBUG) + def log_config(self): + with morphlib.util.hide_password_environment_variables(os.environ): + cliapp.Application.log_config(self) + def process_args(self, args): raise NotImplementedError() |