Skip to content

Commit 1028917

Browse files
vadasambarvadasambar
committed
fix: redact sensitive fields when printing grpc request
1 parent b9b78c4 commit 1028917

File tree

1 file changed

+5
-3
lines changed

1 file changed

+5
-3
lines changed

cmd/plugin/node_server.go

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ import (
88

99
"github.com/container-storage-interface/spec/lib/go/csi"
1010
"github.com/containerd/containerd/reference/docker"
11+
"github.com/kubernetes-csi/csi-lib-utils/protosanitizer"
1112
"github.com/warm-metal/container-image-csi-driver/pkg/backend"
1213
"github.com/warm-metal/container-image-csi-driver/pkg/metrics"
1314
"github.com/warm-metal/container-image-csi-driver/pkg/remoteimage"
@@ -17,6 +18,7 @@ import (
1718
"google.golang.org/grpc/codes"
1819
"google.golang.org/grpc/status"
1920
cri "k8s.io/cri-api/pkg/apis/runtime/v1"
21+
2022
"k8s.io/klog/v2"
2123
k8smount "k8s.io/mount-utils"
2224
)
@@ -60,7 +62,7 @@ type NodeServer struct {
6062

6163
func (n NodeServer) NodePublishVolume(ctx context.Context, req *csi.NodePublishVolumeRequest) (resp *csi.NodePublishVolumeResponse, err error) {
6264
valuesLogger := klog.LoggerWithValues(klog.NewKlogr(), "pod-name", req.VolumeContext["pod-name"], "namespace", req.VolumeContext["namespace"], "uid", req.VolumeContext["uid"])
63-
valuesLogger.Info("Incoming NodePublishVolume request", "request string", req.String())
65+
valuesLogger.Info("Incoming NodePublishVolume request", "request string", protosanitizer.StripSecrets(req))
6466
if len(req.VolumeId) == 0 {
6567
err = status.Error(codes.InvalidArgument, "VolumeId is missing")
6668
return
@@ -173,13 +175,13 @@ func (n NodeServer) NodePublishVolume(ctx context.Context, req *csi.NodePublishV
173175
return
174176
}
175177

176-
valuesLogger.Info("Successfully completed NodePublishVolume request", "request string", req.String())
178+
valuesLogger.Info("Successfully completed NodePublishVolume request", "request string", protosanitizer.StripSecrets(req))
177179

178180
return &csi.NodePublishVolumeResponse{}, nil
179181
}
180182

181183
func (n NodeServer) NodeUnpublishVolume(ctx context.Context, req *csi.NodeUnpublishVolumeRequest) (resp *csi.NodeUnpublishVolumeResponse, err error) {
182-
klog.Infof("unmount request: %s", req.String())
184+
klog.Infof("unmount request: %s", protosanitizer.StripSecrets(req))
183185
if len(req.VolumeId) == 0 {
184186
err = status.Error(codes.InvalidArgument, "VolumeId is missing")
185187
return

0 commit comments

Comments
 (0)