chore(step): clean up masking routine due to types change

executor/linux/service.go

@@ -373,8 +373,8 @@ func (c *client) DestroyService(ctx context.Context, ctn *pipeline.Container) er
 	if err != nil {
 		// create the service from the container
 		//
-		// https://pkg.go.dev/github.com/go-vela/types/library#ServiceFromContainer
-		_service = library.ServiceFromContainer(ctn)
+		// https://pkg.go.dev/github.com/go-vela/types/library#ServiceFromContainerEnvironment
+		_service = library.ServiceFromContainerEnvironment(ctn)
 	}
 
 	// defer an upload of the service

executor/linux/step.go

@@ -10,7 +10,6 @@ import (
 	"context"
 	"fmt"
 	"io/ioutil"
-	"regexp"
 	"strings"
 	"time"
 
@@ -243,14 +242,16 @@ func (c *client) StreamStep(ctx context.Context, ctn *pipeline.Container) error
 			return
 		}
 
-		// mask secrets in logs before setting them in the database.
-		data = maskSecrets(data, secretValues)
-
 		// overwrite the existing log with all bytes
 		//
 		// https://pkg.go.dev/github.com/go-vela/types/library?tab=doc#Log.SetData
 		_log.SetData(data)
 
+		// mask secrets in the log data
+		//
+		// https://pkg.go.dev/github.com/go-vela/types/library?tab=doc#Log.MaskData
+		_log.MaskData(secretValues)
+
 		logger.Debug("uploading logs")
 		// send API call to update the logs for the step
 		//
@@ -312,10 +313,12 @@ func (c *client) StreamStep(ctx context.Context, ctn *pipeline.Container) error
 						// update the existing log with the new bytes
 						//
 						// https://pkg.go.dev/github.com/go-vela/types/library?tab=doc#Log.AppendData
+						_log.AppendData(logs.Bytes())
 
-						data := maskSecrets(logs.Bytes(), secretValues)
-
-						_log.AppendData(data)
+						// mask secrets within the logs before updating database
+						//
+						// https://pkg.go.dev/github.com/go-vela/types/library?tab=doc#Log.MaskData
+						_log.MaskData(secretValues)
 
 						logger.Debug("appending logs")
 						// send API call to append the logs for the step
@@ -372,13 +375,15 @@ func (c *client) StreamStep(ctx context.Context, ctn *pipeline.Container) error
 			if logs.Len() > 1000 {
 				logger.Trace(logs.String())
 
-				// mask secrets before updating logs
-				data := maskSecrets(logs.Bytes(), secretValues)
-
 				// update the existing log with the new bytes
 				//
 				// https://pkg.go.dev/github.com/go-vela/types/library?tab=doc#Log.AppendData
-				_log.AppendData(data)
+				_log.AppendData(logs.Bytes())
+
+				// mask secrets within the logs before updating database
+				//
+				// https://pkg.go.dev/github.com/go-vela/types/library?tab=doc#Log.MaskData
+				_log.MaskData(secretValues)
 
 				logger.Debug("appending logs")
 				// send API call to append the logs for the step
@@ -471,19 +476,3 @@ func getSecretValues(ctn *pipeline.Container) []string {
 	}
 	return secretValues
 }
-
-// maskSecrets is a helper function that takes in a byte array
-// and a slice of secret values to mask.
-func maskSecrets(log []byte, secrets []string) []byte {
-	strData := string(log)
-	for _, secret := range secrets {
-		re := regexp.MustCompile(`\s` + secret + `\s`)
-		matches := re.FindAllString(strData, -1)
-		for _, match := range matches {
-			mask := string(match[0]) + constants.SecretLogMask + string(match[len(match)-1])
-			strData = strings.Replace(strData, match, mask, 1)
-		}
-		strData = re.ReplaceAllString(strData, constants.SecretLogMask)
-	}
-	return []byte(strData)
-}

executor/linux/step_test.go

@@ -609,50 +609,3 @@ func TestLinux_getSecretValues(t *testing.T) {
 		}
 	}
 }
-
-func TestLinux_maskSecrets(t *testing.T) {
-	// set up test secrets
-	sVals := []string{"secret", "bigsecret", "littlesecret", "extrasecret"}
-
-	// set up test logs
-	s1 := "$ echo $NO_SECRET\nnosecret\n"
-	s2 := "$ echo $SECRET\nbigsecret\n"
-	s2Masked := "$ echo $SECRET\n***\n"
-	s3 := "$ echo $SECRET1\nbigsecret\n$ echo $SECRET2\nlittlesecret\n"
-	s3Masked := "$ echo $SECRET1\n***\n$ echo $SECRET2\n***\n"
-
-	tests := []struct {
-		want    []byte
-		log     []byte
-		secrets []string
-	}{
-		{ // no secrets in log
-			want:    []byte(s1),
-			log:     []byte(s1),
-			secrets: sVals,
-		},
-		{ // one secret in log
-			want:    []byte(s2Masked),
-			log:     []byte(s2),
-			secrets: sVals,
-		},
-		{ // multiple secrets in log
-			want:    []byte(s3Masked),
-			log:     []byte(s3),
-			secrets: sVals,
-		},
-		{ // empty secrets slice
-			want:    []byte(s3),
-			log:     []byte(s3),
-			secrets: []string{},
-		},
-	}
-	// run tests
-	for _, test := range tests {
-		got := maskSecrets(test.log, test.secrets)
-
-		if !reflect.DeepEqual(got, test.want) {
-			t.Errorf("maskSecrets is %v, want %v", string(got), string(test.want))
-		}
-	}
-}

executor/local/service.go

@@ -140,8 +140,8 @@ func (c *client) DestroyService(ctx context.Context, ctn *pipeline.Container) er
 	if err != nil {
 		// create the service from the container
 		//
-		// https://pkg.go.dev/github.com/go-vela/types/library#ServiceFromContainer
-		_service = library.ServiceFromContainer(ctn)
+		// https://pkg.go.dev/github.com/go-vela/types/library#ServiceFromContainerEnvironment
+		_service = library.ServiceFromContainerEnvironment(ctn)
 	}
 
 	// defer an upload of the service

go.mod

@@ -11,7 +11,7 @@ require (
 	github.com/gin-gonic/gin v1.7.7
 	github.com/go-vela/sdk-go v0.11.0
 	github.com/go-vela/server v0.11.1-0.20211213155322-eeba06d5ce06
-	github.com/go-vela/types v0.11.1-0.20211221194436-28210cfa70c9
+	github.com/go-vela/types v0.11.1-0.20220119192503-0787a67e56da
 	github.com/google/go-cmp v0.5.7
 	github.com/joho/godotenv v1.4.0
 	github.com/opencontainers/image-spec v1.0.2

go.sum

@@ -208,8 +208,8 @@ github.com/go-vela/server v0.11.1-0.20211213155322-eeba06d5ce06 h1:5a2t2rh2/zD/+
 github.com/go-vela/server v0.11.1-0.20211213155322-eeba06d5ce06/go.mod h1:CG7MFRFVZ4s2ov4B2XRJles4R+vLD+3AMQw7O9qzk1c=
 github.com/go-vela/types v0.11.0/go.mod h1:8Oml/G1ATFTJsKdsIsstUuHVLsUv7pl6+EiIyOaUqH0=
 github.com/go-vela/types v0.11.1-0.20211117152001-4dc404f4aabc/go.mod h1:W00S1BayYQhCVqI4GuuhGjg173MOfU9UvK3JEDCr1aw=
-github.com/go-vela/types v0.11.1-0.20211221194436-28210cfa70c9 h1:wvbQB5W9P5F9etlG3T0bLfJd8Ct/SYWnCKCysqF6n1w=
-github.com/go-vela/types v0.11.1-0.20211221194436-28210cfa70c9/go.mod h1:W00S1BayYQhCVqI4GuuhGjg173MOfU9UvK3JEDCr1aw=
+github.com/go-vela/types v0.11.1-0.20220119192503-0787a67e56da h1:OiPwVjGdDFWl9rb+bIGZgMWtBVswBGjEpe0cVg4b09g=
+github.com/go-vela/types v0.11.1-0.20220119192503-0787a67e56da/go.mod h1:nMZJ/0tb0HO8/AVaJXHuR5slG9UPuP9or+CnkuyFcL4=
 github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
@@ -461,6 +461,7 @@ github.com/mattn/go-sqlite3 v2.0.3+incompatible/go.mod h1:FPy6KqzDD04eiIsT53CuJW
 github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
 github.com/microcosm-cc/bluemonday v1.0.16/go.mod h1:Z0r70sCuXHig8YpBzCc5eGHAap2K7e/u082ZUpDRRqM=
+github.com/microcosm-cc/bluemonday v1.0.17/go.mod h1:Z0r70sCuXHig8YpBzCc5eGHAap2K7e/u082ZUpDRRqM=
 github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
 github.com/mitchellh/copystructure v1.0.0 h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMKeZ+mmkFQ=
 github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw=