Skip to content

Filter build-info and modules properties#716

Merged
Or-Geva merged 7 commits intojfrog:masterfrom
Or-Geva:master
Mar 6, 2023
Merged

Filter build-info and modules properties#716
Or-Geva merged 7 commits intojfrog:masterfrom
Or-Geva:master

Conversation

@Or-Geva
Copy link
Copy Markdown
Contributor

@Or-Geva Or-Geva commented Mar 2, 2023

  • All tests passed. If this feature is not already covered by the tests, I added new tests.

Prior to this PR, build-info properties were filtered only for environment variables and system properties.
The PR moves all filter logic into one place and performs exclude/include logic for all properties, including:

  1. Environment variables (including properties with buildInfo.env prefix)
  2. System properties
  3. Properties from file
  4. Build-info modules properties
  5. Exclude not just the key but also the value of properties

@Or-Geva Or-Geva requested a review from yahavi March 2, 2023 17:01
@Or-Geva Or-Geva added the safe to test Approve running integration tests on a pull request label Mar 2, 2023
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Mar 2, 2023
@yahavi yahavi added the safe to test Approve running integration tests on a pull request label Mar 5, 2023
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Mar 5, 2023
yahavi
yahavi requested changes Mar 5, 2023
View reviewed changes
Copy link
Copy Markdown
Member

@yahavi yahavi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please don't merge this code before my final approval. I want to go through it again.

...fo-extractor/src/main/java/org/jfrog/build/extractor/packageManager/PackageManagerUtils.java
private static final String apiKeySecretPrefix = "AKCp8";
private static final int apiKeySecretMinimalLength = 73;
private static final String referenceTokenSecretPrefix = "cmVmdGtuOjAxOj";
private static final int referenceTokenSecretMinimalLength = 64;
Copy link
Copy Markdown
Member

@yahavi yahavi Mar 5, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I almost sure that reference tokens are 64 characters fixed

build-info-extractor/src/main/java/org/jfrog/build/extractor/BuildInfoExtractorUtils.java
}

public static Properties getEnvProperties(Properties startProps, Log log) {
IncludeExcludePatterns patterns = new IncludeExcludePatterns(
Copy link
Copy Markdown
Member

@yahavi yahavi Mar 5, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removing the filtering code from this method sounds very risky to me. Let's do the "get" and the "filter" logic in one place to enforce filtering in all flows.

Copy link
Copy Markdown
Contributor Author

@Or-Geva Or-Geva Mar 5, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I understand the concern, but this is not the place to do filtering. According to the name of this function, it returns all environment variables. By moving the filter logic to a new location, we can filter not only the environment variables, but also modules. Putting the filter logic here would prevent us from filtering things unrelated to environment variables, so we would have to split the logic across the code, and that will cause a mess in the code.

Copy link
Copy Markdown
Contributor Author

@Or-Geva Or-Geva Mar 6, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Due to security risks, we will return the filter logic to here despite the above comment .

@Or-Geva Or-Geva requested a review from yahavi March 5, 2023 19:59
@Or-Geva Or-Geva added the safe to test Approve running integration tests on a pull request label Mar 5, 2023
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Mar 5, 2023
@Or-Geva Or-Geva added the safe to test Approve running integration tests on a pull request label Mar 6, 2023
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Mar 6, 2023
@Or-Geva Or-Geva merged commit 2d1c64e into jfrog:master Mar 6, 2023
@Or-Geva Or-Geva mentioned this pull request Mar 13, 2023
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yahavi yahavi yahavi requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Or-Geva @yahavi