From 63571e1334980316f7339bb7e91594eeee803a22 Mon Sep 17 00:00:00 2001 From: Alexander Rickardsson Date: Mon, 18 Oct 2021 09:20:26 +0200 Subject: [PATCH] vmalert: Redact passwords from error messages (#1713) --- app/vmalert/datasource/vm.go | 4 ++-- app/vmalert/datasource/vm_graphite_api.go | 2 +- app/vmalert/datasource/vm_prom_api.go | 4 ++-- app/vmalert/remotewrite/remotewrite.go | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/app/vmalert/datasource/vm.go b/app/vmalert/datasource/vm.go index a6058dec8e..34a83d3412 100644 --- a/app/vmalert/datasource/vm.go +++ b/app/vmalert/datasource/vm.go @@ -132,12 +132,12 @@ func (s *VMStorage) QueryRange(ctx context.Context, query string, start, end tim func (s *VMStorage) do(ctx context.Context, req *http.Request) (*http.Response, error) { resp, err := s.c.Do(req.WithContext(ctx)) if err != nil { - return nil, fmt.Errorf("error getting response from %s: %w", req.URL, err) + return nil, fmt.Errorf("error getting response from %s: %w", req.URL.Redacted(), err) } if resp.StatusCode != http.StatusOK { body, _ := ioutil.ReadAll(resp.Body) _ = resp.Body.Close() - return nil, fmt.Errorf("unexpected response code %d for %s. Response body %s", resp.StatusCode, req.URL, body) + return nil, fmt.Errorf("unexpected response code %d for %s. Response body %s", resp.StatusCode, req.URL.Redacted(), body) } return resp, nil } diff --git a/app/vmalert/datasource/vm_graphite_api.go b/app/vmalert/datasource/vm_graphite_api.go index 3c6a2ab341..36b89e187e 100644 --- a/app/vmalert/datasource/vm_graphite_api.go +++ b/app/vmalert/datasource/vm_graphite_api.go @@ -38,7 +38,7 @@ func (r graphiteResponse) metrics() []Metric { func parseGraphiteResponse(req *http.Request, resp *http.Response) ([]Metric, error) { r := &graphiteResponse{} if err := json.NewDecoder(resp.Body).Decode(r); err != nil { - return nil, fmt.Errorf("error parsing graphite metrics for %s: %w", req.URL, err) + return nil, fmt.Errorf("error parsing graphite metrics for %s: %w", req.URL.Redacted(), err) } return r.metrics(), nil } diff --git a/app/vmalert/datasource/vm_prom_api.go b/app/vmalert/datasource/vm_prom_api.go index 62154c3134..dcffe2dc1c 100644 --- a/app/vmalert/datasource/vm_prom_api.go +++ b/app/vmalert/datasource/vm_prom_api.go @@ -82,10 +82,10 @@ const ( func parsePrometheusResponse(req *http.Request, resp *http.Response) ([]Metric, error) { r := &promResponse{} if err := json.NewDecoder(resp.Body).Decode(r); err != nil { - return nil, fmt.Errorf("error parsing prometheus metrics for %s: %w", req.URL, err) + return nil, fmt.Errorf("error parsing prometheus metrics for %s: %w", req.URL.Redacted(), err) } if r.Status == statusError { - return nil, fmt.Errorf("response error, query: %s, errorType: %s, error: %s", req.URL, r.ErrorType, r.Error) + return nil, fmt.Errorf("response error, query: %s, errorType: %s, error: %s", req.URL.Redacted(), r.ErrorType, r.Error) } if r.Status != statusSuccess { return nil, fmt.Errorf("unknown status: %s, Expected success or error ", r.Status) diff --git a/app/vmalert/remotewrite/remotewrite.go b/app/vmalert/remotewrite/remotewrite.go index 30d948224d..035f2af77e 100644 --- a/app/vmalert/remotewrite/remotewrite.go +++ b/app/vmalert/remotewrite/remotewrite.go @@ -246,13 +246,13 @@ func (c *Client) send(ctx context.Context, data []byte) error { resp, err := c.c.Do(req.WithContext(ctx)) if err != nil { return fmt.Errorf("error while sending request to %s: %w; Data len %d(%d)", - req.URL, err, len(data), r.Size()) + req.URL.Redacted(), err, len(data), r.Size()) } defer func() { _ = resp.Body.Close() }() if resp.StatusCode != http.StatusNoContent && resp.StatusCode != http.StatusOK { body, _ := ioutil.ReadAll(resp.Body) return fmt.Errorf("unexpected response code %d for %s. Response body %q", - resp.StatusCode, req.URL, body) + resp.StatusCode, req.URL.Redacted(), body) } return nil }