mirror of
https://github.com/prometheus/prometheus.git
synced 2024-12-26 06:04:05 -08:00
config: Don't hide username, it's not secret.
Usernames are not generally considered to be secrets, and treating them as secrets may lead to confusion as to how secure they are. Obscuring them also makes debugging harder.
This commit is contained in:
parent
be8b83f48f
commit
1ddf75240d
|
@ -33,7 +33,7 @@ var (
|
||||||
patJobName = regexp.MustCompile(`^[a-zA-Z_][a-zA-Z0-9_-]*$`)
|
patJobName = regexp.MustCompile(`^[a-zA-Z_][a-zA-Z0-9_-]*$`)
|
||||||
patFileSDName = regexp.MustCompile(`^[^*]*(\*[^/]*)?\.(json|yml|yaml|JSON|YML|YAML)$`)
|
patFileSDName = regexp.MustCompile(`^[^*]*(\*[^/]*)?\.(json|yml|yaml|JSON|YML|YAML)$`)
|
||||||
patRulePath = regexp.MustCompile(`^[^*]*(\*[^/]*)?$`)
|
patRulePath = regexp.MustCompile(`^[^*]*(\*[^/]*)?$`)
|
||||||
patAuthLine = regexp.MustCompile(`((?:username|password|bearer_token|secret_key):\s+)(".+"|'.+'|[^\s]+)`)
|
patAuthLine = regexp.MustCompile(`((?:password|bearer_token|secret_key):\s+)(".+"|'.+'|[^\s]+)`)
|
||||||
)
|
)
|
||||||
|
|
||||||
// Load parses the YAML input s into a Config.
|
// Load parses the YAML input s into a Config.
|
||||||
|
|
|
@ -282,7 +282,7 @@ func TestLoadConfig(t *testing.T) {
|
||||||
|
|
||||||
// String method must not reveal authentication credentials.
|
// String method must not reveal authentication credentials.
|
||||||
s := c.String()
|
s := c.String()
|
||||||
if strings.Contains(s, "admin_name") || strings.Contains(s, "admin_password") {
|
if strings.Contains(s, "admin_password") {
|
||||||
t.Fatalf("config's String method reveals authentication credentials.")
|
t.Fatalf("config's String method reveals authentication credentials.")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue