Add AWS regexp pattern (#62)

New feature that enhances the replacement functionality in the DefaultRegexpPairs. It allows for more flexible replacements by supporting dynamic replacement of matched groups from the regular expression pattern.

- checkbox for explicit AWS usage
- Refactored LogFileFilterOutputStream to handle multiple DefaultRegexpPairs

---------

Authored-by: Fredrik Lysén <[email protected]>

.gitignore

@@ -80,3 +80,4 @@ fabric.properties
 
 # Android studio 3.1+ serialized cache file
 .idea/caches/build_file_checksums.ser
+/.idea/

src/main/java/com/tsystems/sbs/DefaultRegexpPairs.java

@@ -19,7 +19,18 @@ public final class DefaultRegexpPairs {
                     new RegexpPair("password=\\S*", "password=********") //PASSWORD MASKING
             ));
 
+    private final static List<RegexpPair> DEFAULT_REGEXES_AWS
+            = Collections.<RegexpPair>unmodifiableList(
+            Arrays.<RegexpPair>asList(
+                    new RegexpPair("(AWS_[a-zA-Z_]+=)(\\S+)", "$1********"), // AWS RegExp MASKING
+                    new RegexpPair("(aws_[a-zA-Z_]+=)(\\S+)", "$1********")
+            ));
+
     public static List<RegexpPair> getDefaultRegexes() {
         return DEFAULT_REGEXES;
     }
+
+    public static List<RegexpPair> getDefaultRegexesAWS() {
+        return DEFAULT_REGEXES_AWS;
+    }
 }

src/main/java/com/tsystems/sbs/LogFileFilterConfig.java

@@ -45,6 +45,7 @@ public static LogFileFilterConfig get() {
      * Determines whether the regexp replacements which come fixed with the plugin are enabled.
      */
     private boolean enabledDefaultRegexp;
+    private boolean enabledDefaultRegexpAWS;
 
     /**
      * Represents the custom regexp pairs specified by the user in the global settings.
@@ -70,12 +71,22 @@ public boolean isEnabledDefaultRegexp() {
         return enabledDefaultRegexp;
     }
 
+    public boolean isEnabledDefaultRegexpAWS() {
+        return enabledDefaultRegexpAWS;
+    }
+
     @DataBoundSetter
     public void setEnabledDefaultRegexp(boolean enabledDefaultRegexp) {
         this.enabledDefaultRegexp = enabledDefaultRegexp;
         save();
     }
 
+    @DataBoundSetter
+    public void setEnabledDefaultRegexpAWS(boolean enabledDefaultRegexpAWS) {
+        this.enabledDefaultRegexpAWS = enabledDefaultRegexpAWS;
+        save();
+    }
+
     public List<RegexpPair> getRegexpPairs() {
         return regexpPairs;
     }

src/main/java/com/tsystems/sbs/LogFileFilterOutputStream.java

@@ -6,6 +6,7 @@
 import java.io.IOException;
 import java.io.OutputStream;
 import java.nio.charset.Charset;
+import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 import java.util.logging.Level;
@@ -29,6 +30,7 @@ public class LogFileFilterOutputStream extends LineTransformationOutputStream {
     //Global settings
     private final boolean isEnabledGlobally;
     private final boolean isEnabledDefaultRegexp;
+    private final boolean isEnabledDefaultRegexpAWS;
     private final List<RegexpPair> defaultRegexpPairs;
     private final List<RegexpPair> customRegexpPairs;
     private final String jobName;
@@ -47,19 +49,27 @@ public LogFileFilterOutputStream(OutputStream out, Charset charset, String jobNa
         }
 
 		isEnabledGlobally = config.isEnabledGlobally();
-		isEnabledDefaultRegexp = config.isEnabledDefaultRegexp();
-		if (isEnabledGlobally) {
-			//Load regexes
-			customRegexpPairs = config.getRegexpPairs();
-			if (isEnabledDefaultRegexp) {
-				defaultRegexpPairs = DefaultRegexpPairs.getDefaultRegexes();
-			} else {
-				defaultRegexpPairs = Collections.<RegexpPair>emptyList();
-			}
-		} else {
-			customRegexpPairs = Collections.<RegexpPair>emptyList();
-			defaultRegexpPairs = Collections.<RegexpPair>emptyList();
-		}
+        isEnabledDefaultRegexp = config.isEnabledDefaultRegexp();
+        isEnabledDefaultRegexpAWS = config.isEnabledDefaultRegexpAWS();
+
+        if (isEnabledGlobally) {
+            // Load regexes
+            customRegexpPairs = config.getRegexpPairs();
+            defaultRegexpPairs = new ArrayList<>();
+            if (isEnabledDefaultRegexp) {
+                defaultRegexpPairs.addAll(DefaultRegexpPairs.getDefaultRegexes());
+            }
+            if (isEnabledDefaultRegexpAWS) {
+                defaultRegexpPairs.addAll(DefaultRegexpPairs.getDefaultRegexesAWS());
+            }
+            // Log defaultRegexpPairs
+            for (RegexpPair pair : defaultRegexpPairs) {
+                LOGGER.log(Level.INFO, pair.toString());
+            }
+        } else {
+            customRegexpPairs = Collections.<RegexpPair>emptyList();
+            defaultRegexpPairs = Collections.<RegexpPair>emptyList();
+        }
     }
 
     @Override

src/main/java/com/tsystems/sbs/RegexpPair.java

@@ -1,5 +1,6 @@
 package com.tsystems.sbs;
 
+import edu.umd.cs.findbugs.annotations.NonNull;
 import hudson.Extension;
 import hudson.model.AbstractDescribableImpl;
 import hudson.model.Descriptor;
@@ -23,6 +24,11 @@ public class RegexpPair extends AbstractDescribableImpl<RegexpPair> implements S
     private String replacement;
     private transient Pattern compiledRegexp;
 
+    @Override
+    public String toString() {
+        return "RegexpPair{pattern=" + regexp + ", replacement=" + replacement + "}";
+    }
+
     @DataBoundConstructor
     public RegexpPair(String regexp, String replacement) {
         this.regexp = regexp;

src/main/resources/com/tsystems/sbs/LogFileFilterConfig/config.jelly

@@ -24,6 +24,10 @@
   		<f:entry title="Enable default regexp" field="enabledDefaultRegexp">
   			<f:checkbox checked="${it.enabledDefaultRegexp}" />
   		</f:entry>
+
+		<f:entry title="Enable Amazon AWS regexp" field="enabledDefaultRegexpAWS">
+			<f:checkbox checked="${it.enabledDefaultRegexpAWS}" />
+		</f:entry>
 
 		<!-- Defines the regexp patterns to filter the console logs -->
 		<f:entry title="Custom regexp pairs" field="regexpPairs">

src/main/resources/com/tsystems/sbs/LogFileFilterConfig/help-enabledDefaultRegexpAWS.html

@@ -0,0 +1,31 @@
+<!--THIS FILE IS AUTOGENERATED FROM THE global.properties FILE-->
+<div>
+
+	<style>
+		.log-file-filter-plugin th, .log-file-filter-plugin td{
+			border: solid 1px black;
+			border-collapse: collapse;
+			padding: 10px
+		}
+	</style>
+
+	<p>These are the default regular expressions and their respective replacements. These expressions are fixed and come with the plugin.</p>
+	<table class="log-file-filter-plugin">
+		<!-- Table header -->
+		<tr><th>Description</th><th>Regexp</th><th>Replacement</th><th>Sample</th></tr>
+
+		<!-- Table rows (regexes) -->
+		<tr>
+			<td>Masks AWS credential and token</td>
+			<td>(AWS_[a-zA-Z_]+=)(\S+)</td>
+			<td>$1********</td>
+			<td>
+				<ul>
+					<li>AWS_ACCESS_KEY_ID=A7OTR4HWEGX2SKQMRAXI -> AWS_ACCESS_KEY_ID=********</li>
+					<li>AWS_SECRET_ACCESS_KEY=agfkjgsakfjhsgad -> AWS_SECRET_ACCESS_KEY=********</li>
+					<li>AWS_SESSION_TOKEN=ThGHJJHF7jdfnjsdzf -> AWS_SESSION_TOKEN=********</li>
+				</ul>
+			</td>
+		</tr>
+	</table>
+</div>

src/test/java/com/tsystems/sbs/DefaultRegexpPairsAWSTest.java

@@ -0,0 +1,68 @@
+package com.tsystems.sbs;
+
+import hudson.console.LineTransformationOutputStream;
+import org.junit.Test;
+
+import java.util.List;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import static org.codehaus.groovy.runtime.ResourceGroovyMethods.filterLine;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.greaterThan;
+import static org.hamcrest.Matchers.is;
+import static org.junit.Assert.assertEquals;
+
+
+public class DefaultRegexpPairsAWSTest {
+    private List<RegexpPair> getDefaultRegexpPairs() {
+        return DefaultRegexpPairs.getDefaultRegexesAWS();
+    }
+    @Test
+    public void testDefaultPairsList() {
+        List<RegexpPair> defaultRegexpPairs = getDefaultRegexpPairs();
+        assertThat(defaultRegexpPairs.size(), greaterThan(0));
+
+    }
+
+    @Test
+    public void testDefaultPairs() {
+        List<RegexpPair> defaultRegexpPairs = getDefaultRegexpPairs();
+
+        // Define the input string
+        String input = "AWS_ACCESS_KEY_ID=R2RHTXG7QKSRWMOHEIAMH4A AWS_SECRET_ACCESS_KEY=/lD8T9bXuZUW/F/8MutOB1vDXK2uG/gNHUe/d8bG AWS_SESSION_TOKEN=Z1XKqTnKIHd7eLJhBZb9QWVcG0Rj3f8z1uYgO4Xm6vNiD5F7cM9pAa/2SsPqRrTtEoUyHwC+DxGJlWbVfNkOYK6hI3eX1L0j2+//////////";
+        String expected = "AWS_ACCESS_KEY_ID=******** AWS_SECRET_ACCESS_KEY=******** AWS_SESSION_TOKEN=********";
+
+
+        StringBuilder replacedInput = new StringBuilder(input);
+
+        for (RegexpPair pair : defaultRegexpPairs) {
+            String pattern = pair.getRegexp();
+            String replacement = pair.getReplacement();
+
+            Pattern regexPattern = Pattern.compile(pattern);
+            Matcher matcher = regexPattern.matcher(replacedInput);
+
+            while (matcher.find()) {
+                String matchedPattern = matcher.group();
+                String replacedString = replacement;
+
+                // Replace all occurrences of $n with the matched groups
+                for (int i = 1; i <= matcher.groupCount(); i++) {
+                    String group = matcher.group(i);
+                    replacedString = replacedString.replace("$" + i, group);
+                }
+
+                replacedInput.replace(matcher.start(), matcher.end(), replacedString);
+                matcher.region(matcher.start() + replacedString.length(), replacedInput.length());
+            }
+        }
+
+        String replacedInputString = replacedInput.toString();
+        System.out.println("Replaced input result: " + replacedInputString);
+
+        // Test the behavior
+        assertEquals(expected, replacedInputString);
+    }
+}
+