From b6f49bfa4adf5da0ef00da5e89f3593050226cf5 Mon Sep 17 00:00:00 2001 From: Marcel Moura <5615598+marcelstanley@users.noreply.github.com> Date: Tue, 6 Aug 2024 18:52:53 -0300 Subject: [PATCH] feat(config): redact redis endpoint on experimental mode --- internal/node/config/config.go | 4 ++-- internal/node/config/config_test.go | 8 ++++++++ internal/node/services.go | 2 +- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/internal/node/config/config.go b/internal/node/config/config.go index a207917de..8a7735eee 100644 --- a/internal/node/config/config.go +++ b/internal/node/config/config.go @@ -36,7 +36,7 @@ type NodeConfig struct { FeatureDisableMachineHashCheck bool ExperimentalServerManagerBypassLog bool ExperimentalSunodoValidatorEnabled bool - ExperimentalSunodoValidatorRedisEndpoint string + ExperimentalSunodoValidatorRedisEndpoint Redacted[string] Auth Auth } @@ -99,7 +99,7 @@ func FromEnv() NodeConfig { config.ExperimentalSunodoValidatorEnabled = getExperimentalSunodoValidatorEnabled() if getExperimentalSunodoValidatorEnabled() { config.ExperimentalSunodoValidatorRedisEndpoint = - getExperimentalSunodoValidatorRedisEndpoint() + Redacted[string]{getExperimentalSunodoValidatorRedisEndpoint()} config.FeatureDisableClaimer = true } if !config.FeatureDisableClaimer && !getExperimentalSunodoValidatorEnabled() { diff --git a/internal/node/config/config_test.go b/internal/node/config/config_test.go index 7f8b0ebc1..8dec496cf 100644 --- a/internal/node/config/config_test.go +++ b/internal/node/config/config_test.go @@ -34,3 +34,11 @@ func (s *ConfigTestSuite) TestSunodoExperimentalModeDisablesClaimer() { c := FromEnv() assert.Equal(s.T(), true, c.FeatureDisableClaimer) } + +func (s *ConfigTestSuite) TestExperimentalSunodoValidatorRedisEndpointIsRedacted() { + os.Setenv("CARTESI_EXPERIMENTAL_SUNODO_VALIDATOR_ENABLED", "true") + os.Setenv("CARTESI_EXPERIMENTAL_SUNODO_VALIDATOR_REDIS_ENDPOINT", + "redis://default:VERY_SECRET_PASWORD@rollups-nodes-redis.internal:6379") + c := FromEnv() + assert.Equal(s.T(), "[REDACTED]", c.ExperimentalSunodoValidatorRedisEndpoint.String()) +} diff --git a/internal/node/services.go b/internal/node/services.go index 892c3db16..bf60efd51 100644 --- a/internal/node/services.go +++ b/internal/node/services.go @@ -45,7 +45,7 @@ func getPort(c config.NodeConfig, offset portOffset) int { // Get the redis endpoint based on whether the experimental sunodo validator mode is enabled. func getRedisEndpoint(c config.NodeConfig) string { if c.ExperimentalSunodoValidatorEnabled { - return c.ExperimentalSunodoValidatorRedisEndpoint + return c.ExperimentalSunodoValidatorRedisEndpoint.Value } else { return fmt.Sprintf("redis://%v:%v", localhost, getPort(c, portOffsetRedis)) }