From 3084c37f3e1e5c1260fbc4a00082300ec0a7b0bd Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Tue, 9 Jul 2019 07:07:41 -0700
Subject: Perform more redactions in Redis performance bar traces

HMSET and AUTH commands were not properly redacted. This commit
does that and adds a test.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/64309
---
 lib/peek/views/redis.rb | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'lib/peek')

diff --git a/lib/peek/views/redis.rb b/lib/peek/views/redis.rb
index ad3c3c9fe01..73de8672fa4 100644
--- a/lib/peek/views/redis.rb
+++ b/lib/peek/views/redis.rb
@@ -37,6 +37,8 @@ end
 module Peek
   module Views
     module RedisDetailed
+      REDACTED_MARKER = "<redacted>"
+
       def results
         super.merge(details: details)
       end
@@ -57,10 +59,12 @@ module Peek
       end
 
       def format_command(cmd)
+        if cmd.length >= 2 && cmd.first =~ /^auth$/i
+          cmd[-1] = REDACTED_MARKER
         # Scrub out the value of the SET calls to avoid binary
         # data or large data from spilling into the view
-        if cmd.length >= 2 && cmd.first =~ /set/i
-          cmd[-1] = "<redacted>"
+        elsif cmd.length >= 3 && cmd.first =~ /set/i
+          cmd[2..-1] = REDACTED_MARKER
         end
 
         cmd.join(' ')
-- 
cgit v1.2.1