
backend-*-api: add RedactionsService #24730


Conversation

Rugvip
Member

@Rugvip Rugvip commented May 11, 2024

Hey, I just made a Pull Request!

I realized that customizing the root logger is kinda tricky right now since it also wires up the secret redactions from config. That and the follow-up for #24478 made me think that it might be worth introducing a redactions service. It both lets plugins add sensitive data to redactions and also lets them do their own redactions for sensitive content. In particular, I'm thinking that both Scaffolder and TechDocs build logs that we stream to the client could use this.

Kept it very simple for now, but there's one problem that might be worth introducing some extra solution for, which is that an ever-growing redactions filter might have a performance impact. A long-running deployment might simply pile up a lot of secrets over time to the point where the RegExp compilation and execution becomes a problem. There's also the potential issue of ReDoS attacks if user input is ever forwarded to the redactions by a plugin.

One potential solution is to be able to add a redaction with a TTL, although there's a risk that it only solves the long-running service problem and not the malicious user input. Another option could be the creation of some form of redaction context where secrets can be added only for that particular context, the idea being that this is particularly useful to handle scaffolder user input. That might be a bit overkill for a service though, and it's possible that we should instead implement local filtering in the scaffolder in addition to using the service.

✔️ Checklist

  • A changeset describing the change and affected packages. (more info)
  • Added or updated documentation
  • Tests for new functionality and regression tests for bug fixes
  • Screenshots attached (for UI changes)
  • All your commits have a Signed-off-by line in the message. (more info)

@Rugvip Rugvip requested review from a team as code owners May 11, 2024 13:45
@github-actions github-actions bot added documentation Improvements or additions to documentation microsite Changes to backstage.io labels May 11, 2024
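As an added example, not code from this PR or from Backstage, here is a minimal filter in the spirit of the proposed service that shows the two mitigations the description raises: each secret is escaped before compilation so an untrusted value cannot turn into a catastrophic pattern, and an optional TTL keeps a long-running process from accumulating patterns forever. The class and method names are assumptions.

```typescript
// Hypothetical RedactionFilter: not the PR's RedactionsService, only an illustration.
type Entry = { expiresAt?: number };

function escapeRegExp(s: string): string {
  // Turn regex metacharacters into literals so "(a+)+$" matches only itself.
  return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

class RedactionFilter {
  private entries = new Map<string, Entry>();
  private compiled: RegExp | undefined; // cached pattern, rebuilt on change
  private readonly minLength: number;

  constructor(opts: { minLength?: number } = {}) {
    this.minLength = opts.minLength ?? 3; // tiny values would redact everywhere
  }

  // Register a secret; ttlMs bounds how long it stays in the filter.
  add(secret: string, opts: { ttlMs?: number; now?: number } = {}): void {
    if (secret.length < this.minLength) return;
    const now = opts.now ?? Date.now();
    const expiresAt = opts.ttlMs !== undefined ? now + opts.ttlMs : undefined;
    this.entries.set(secret, { expiresAt });
    this.compiled = undefined;
  }

  // Replace every registered, unexpired secret in the input with '***'.
  redact(input: string, now = Date.now()): string {
    const re = this.pattern(now);
    return re ? input.replace(re, '***') : input;
  }

  private pattern(now: number): RegExp | undefined {
    const expired: string[] = [];
    this.entries.forEach((e, k) => {
      if (e.expiresAt !== undefined && e.expiresAt <= now) expired.push(k);
    });
    if (expired.length > 0) {
      expired.forEach(k => this.entries.delete(k));
      this.compiled = undefined;
    }
    if (this.entries.size === 0) return undefined;
    if (this.compiled === undefined) {
      // Longest first so an overlapping shorter secret never leaves fragments.
      const literals = Array.from(this.entries.keys())
        .sort((a, b) => b.length - a.length)
        .map(escapeRegExp);
      this.compiled = new RegExp(literals.join('|'), 'g');
    }
    return this.compiled;
  }
}
```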
@backstage-goalie
Contributor

Changed Packages

Package Name                       Package Path                   Changeset Bump   Current Version
@backstage/backend-app-api         packages/backend-app-api       patch            v0.7.3-next.1
@backstage/backend-defaults        packages/backend-defaults      patch            v0.2.18-next.2
@backstage/backend-plugin-api      packages/backend-plugin-api    patch            v0.6.18-next.1
@backstage/backend-test-utils      packages/backend-test-utils    patch            v0.3.8-next.2

Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com>