// Copyright 2021 The Cockroach Authors.
//
// Use of this software is governed by the Business Source License
// included in the file licenses/BSL.txt.
//
// As of the Change Date specified in that file, in accordance with
// the Business Source License, use of this software will be governed
// by the Apache License, Version 2.0, included in the file
// licenses/APL.txt.
package server
import (
"context"
"testing"
"time"
"github.com/cockroachdb/cockroach/pkg/roachpb"
"github.com/cockroachdb/cockroach/pkg/util/leaktest"
"github.com/cockroachdb/cockroach/pkg/util/log"
"github.com/cockroachdb/cockroach/pkg/util/tracing"
"github.com/cockroachdb/cockroach/pkg/util/tracing/tracingpb"
"github.com/cockroachdb/logtags"
"github.com/stretchr/testify/require"
"go.opentelemetry.io/otel/attribute"
)
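// TestRedactRecordingForTenant verifies that redactRecordingForTenant strips
// sensitive details for recordings consumed by tenants.
//
// The fixture mixes values wrapped in log.Safe with unwrapped ones, both in
// the log tags and in the logged message. The subtests assert that a regular
// tenant sees only the log.Safe-wrapped values and no span tags at all, while
// the system tenant still sees every tag and both parts of the message.
//
// See kvccl.TestTenantTracesAreRedacted for an end-to-end test of this.
func TestRedactRecordingForTenant(t *testing.T) {
	defer leaktest.AfterTest(t)()

	const (
		msgNotSensitive = "msg-tenant-shown"
		msgSensitive    = "msg-tenant-hidden"
		tagNotSensitive = "tag-tenant-shown"
		tagSensitive    = "tag-tenant-hidden"
	)

	// mkRec builds a fresh single-span verbose recording for each subtest, so
	// that redaction applied in one subtest cannot affect another. It takes the
	// *testing.T of the calling (sub)test: a failing require must stop the test
	// whose goroutine is running, not the parent captured by the closure.
	mkRec := func(t *testing.T) tracing.Recording {
		t.Helper()

		// One tag is left unwrapped and one is wrapped in log.Safe; the
		// regular-tenant subtest expects only the latter to survive.
		tags := (&logtags.Buffer{}).
			Add("tag_sensitive", tagSensitive).
			Add("tag_not_sensitive", log.Safe(tagNotSensitive))
		ctx := logtags.WithTags(context.Background(), tags)

		tracer := tracing.NewTracer()
		// NOTE(review): presumably required so that log messages are recorded
		// with redaction markers; confirm against the tracing package.
		tracer.SetRedactable(true)

		ctx, sp := tracer.StartSpanCtx(ctx, "foo", tracing.WithRecording(tracing.RecordingVerbose))
		sp.SetVerbose(true)

		// Same split for the message itself: the first argument is unwrapped,
		// the second is wrapped in log.Safe.
		log.Eventf(ctx, "%s %s", msgSensitive, log.Safe(msgNotSensitive))
		// Span tags are plain strings here, so the regular-tenant subtest
		// expects all of them to be dropped rather than selectively redacted.
		sp.SetTag("all_span_tags_are_stripped", attribute.StringValue("because_no_redactability"))

		rec := sp.FinishAndGetRecording(tracing.RecordingVerbose)
		require.Len(t, rec, 1)
		return rec
	}

	t.Run("regular-tenant", func(t *testing.T) {
		rec := mkRec(t)
		require.NoError(t, redactRecordingForTenant(roachpb.MakeTenantID(100), rec))

		// No span tag may reach a regular tenant.
		require.Zero(t, rec[0].Tags)
		require.Len(t, rec[0].Logs, 1)

		// The single log message must keep the log.Safe-wrapped values and
		// contain neither the unwrapped message part nor the unwrapped tag.
		msg := rec[0].Logs[0].Msg().StripMarkers()
		t.Log(msg)
		require.NotContains(t, msg, msgSensitive)
		require.NotContains(t, msg, tagSensitive)
		require.Contains(t, msg, msgNotSensitive)
		require.Contains(t, msg, tagNotSensitive)
	})

	t.Run("system-tenant", func(t *testing.T) {
		rec := mkRec(t)
		require.NoError(t, redactRecordingForTenant(roachpb.SystemTenantID, rec))

		// The system tenant keeps every tag, including the unwrapped one.
		require.Equal(t, map[string]string{
			"_verbose":                   "1",
			"all_span_tags_are_stripped": "because_no_redactability",
			"tag_not_sensitive":          tagNotSensitive,
			"tag_sensitive":              tagSensitive,
		}, rec[0].Tags)
		require.Len(t, rec[0].Logs, 1)

		// The message is expected to contain both wrapped and unwrapped values.
		msg := rec[0].Logs[0].Msg().StripMarkers()
		t.Log(msg)
		require.Contains(t, msg, msgSensitive)
		require.Contains(t, msg, tagSensitive)
		require.Contains(t, msg, msgNotSensitive)
		require.Contains(t, msg, tagNotSensitive)
	})

	t.Run("no-unhandled-fields", func(t *testing.T) {
		// Guard against a new sensitive field being added to RecordedSpan. If
		// you're here to see why this test failed to compile, ensure that the
		// change you're making to RecordedSpan does not include new sensitive data
		// that may leak from the KV layer to tenants. If it does, update
		// redactRecordingForTenant appropriately.
		//
		// Only then mirror the new field below. Updating this struct without
		// reviewing the redaction logic defeats the purpose of the guard.
		type calcifiedRecordedSpan struct {
			TraceID           tracingpb.TraceID
			SpanID            tracingpb.SpanID
			ParentSpanID      tracingpb.SpanID
			Operation         string
			Tags              map[string]string
			StartTime         time.Time
			Duration          time.Duration
			RedactableLogs    bool
			Logs              []tracingpb.LogRecord
			Verbose           bool
			GoroutineID       uint64
			Finished          bool
			StructuredRecords []tracingpb.StructuredRecord
		}
		// A pointer conversion between two struct types compiles only when
		// their fields match in name, type and order, so any field added to,
		// removed from or retyped in RecordedSpan breaks the build here.
		_ = (*calcifiedRecordedSpan)((*tracingpb.RecordedSpan)(nil))
	})
}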