Add plan name to log messages, and improve logs #101
maxisam commented Dec 14, 2023
- log now will indicate if it is a validation error
- improve security by not using cmd to remove files
@@ -57,27 +57,38 @@ | |||
dumpCmd := BuildDumpCmd(archive, plan.Target) | |||
timeout := time.Duration(plan.Scheduler.Timeout) * time.Minute | |||
|
|||
log.Debugf("dump cmd: %v", strings.Replace(dumpCmd, fmt.Sprintf(`-p "%v"`, plan.Target.Password), "-p xxxx", -1)) | |||
log.WithField("plan", plan.Name).Debugf("dump cmd: %v", strings.Replace(dumpCmd, fmt.Sprintf(`-p "%v"`, plan.Target.Password), "-p xxxx", -1)) |
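Review bot: the redaction on the new `Debugf` line only works when the finished command contains the exact substring `-p "<password>"`. If BuildDumpCmd quotes, escapes or positions the password in any other way, strings.Replace matches nothing and the clear-text password is written to the debug log, which is consistent with the CodeQL alert attached to this line. Suggest producing the loggable string from a copy of plan.Target with Password blanked, or having BuildDumpCmd return a redacted form alongside the real command, instead of pattern-matching the assembled command line.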
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information High
Sensitive data returned by an access to Password
restoreCmd := backup.BuildRestoreCmd(backupPath, plan.Target, plan.Target) | ||
log.Infof("Running restore command with : %v", restoreCmd) | ||
log.WithField("plan", plan.Name).Infof("Running restore command with : %v", restoreCmd) |
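Review bot: restoreCmd is logged at Info level with no redaction at all, while the dump path at least masks `-p "..."` before logging. BuildRestoreCmd is given plan.Target, so if the resulting command embeds the target's password it lands in the log on every restore, at a level that is normally enabled in production. Apply the same redaction as for the dump command before the `Infof` call, or log only plan.Name and backupPath here.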
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information High
Sensitive data returned by an access to Password
95b665f to b896cdc
b896cdc to 8ce7bdf
sort.Sort(sort.Reverse(sort.StringSlice(files))) | ||
if len(files) > retention { | ||
for _, file := range files[retention:] { | ||
if err := os.Remove(file); err != nil { |
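Review bot: `os.Remove(file)` in the retention loop deletes whatever paths are in files, and nothing in the visible lines confirms that each path stays inside the plan's backup directory. Before removing, clean the path and check that it resolves under the expected storage root (for example with filepath.Rel and a check for a leading ".."), then skip and log any entry that does not. If the plan name is available in this function, the error branch should also log with the "plan" field so a failed deletion can be attributed, in line with the rest of this change.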
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
user-provided value
* Add plan name to log messages, and improve logs
* 🐞 fix: avoid security risk by not using command directly