rad:zwTxygwuz5LDGBq255RA2CbNGrz8 radicle-ci-broker425e42f815ed841d94b13a2724e7f1356cd4fc31{
"request": "trigger",
"version": 1,
"event_type": "patch",
"repository": {
"id": "rad:zwTxygwuz5LDGBq255RA2CbNGrz8",
"name": "radicle-ci-broker",
"description": "Radicle CI broker",
"private": false,
"default_branch": "main",
"delegates": [
"did:key:z6MkgEMYod7Hxfy9qCvDv5hYHkZ4ciWmLFgfvm3Wn1b2w2FV",
"did:key:z6MksFqXN3Yhqk8pTJdUGLwATkRfQvwZXPqR2qMEhbS9wzpT"
]
},
"action": "Created",
"patch": {
"id": "bc2cc001498199cb90a1b43d75b84cb12f829037",
"author": {
"id": "did:key:z6MkkpTPzcq1ybmjQyQpyre15JUeMvZY6toxoZVpLZ8YarsB",
"alias": "mzampetakis"
},
"title": "Chore: Prohibit cib from logging sensitive configuration",
"state": {
"status": "open",
"conflicts": []
},
"before": "975ce518fe49013d97583f610d6ad75c10df3991",
"after": "425e42f815ed841d94b13a2724e7f1356cd4fc31",
"commits": [
"425e42f815ed841d94b13a2724e7f1356cd4fc31"
],
"target": "975ce518fe49013d97583f610d6ad75c10df3991",
"labels": [],
"assignees": [],
"revisions": [
{
"id": "bc2cc001498199cb90a1b43d75b84cb12f829037",
"author": {
"id": "did:key:z6MkkpTPzcq1ybmjQyQpyre15JUeMvZY6toxoZVpLZ8YarsB",
"alias": "mzampetakis"
},
"description": "Changed debug2 with a newly added func adapter_config in cib\nwchich logs adapter's configuration without the sensitive\nenvironment variables.\n\nSigned-off-by: Michalis Zampetakis <mzampetakis@gmail.com>",
"base": "975ce518fe49013d97583f610d6ad75c10df3991",
"oid": "425e42f815ed841d94b13a2724e7f1356cd4fc31",
"timestamp": 1727121343
}
]
}
}.radicle/native.yamlshell: | cargo --version rustc --version cargo fmt --check cargo clippy --all-targets --workspace -- -Dwarnings cargo build --all-targets --workspace cargo doc --workspace cargo test --workspace --no-fail-fast subplot docgen ci-broker.subplot -o doc/ci-broker.html make -C doc publish
git clone /home/_rad/.radicle/storage/zwTxygwuz5LDGBq255RA2CbNGrz8 /srv/http/659f9b12-42b8-4521-beb6-a5e8dc8053e9/srcgit config advice.detachedHead falsegit checkout 425e42f815ed841d94b13a2724e7f1356cd4fc31git show 425e42f815ed841d94b13a2724e7f1356cd4fc31timeout 600 bash -c set -xeuo pipefail
cargo --version
rustc --version
cargo fmt --check
cargo clippy --all-targets --workspace -- -Dwarnings
cargo build --all-targets --workspace
cargo doc --workspace
cargo test --workspace --no-fail-fast
subplot docgen ci-broker.subplot -o doc/ci-broker.html
make -C doc publish
git clone /home/_rad/.radicle/storage/zwTxygwuz5LDGBq255RA2CbNGrz8 /srv/http/659f9b12-42b8-4521-beb6-a5e8dc8053e9/srcCommand arguments:
"git""clone""/home/_rad/.radicle/storage/zwTxygwuz5LDGBq255RA2CbNGrz8""/srv/http/659f9b12-42b8-4521-beb6-a5e8dc8053e9/src"In directory: /
Exit code: 0
Output (stdout and stderr):
Cloning into '/srv/http/659f9b12-42b8-4521-beb6-a5e8dc8053e9/src'... done.
git config advice.detachedHead falseCommand arguments:
"git""config""advice.detachedHead""false"In directory: /srv/http/659f9b12-42b8-4521-beb6-a5e8dc8053e9/src
Exit code: 0
git checkout 425e42f815ed841d94b13a2724e7f1356cd4fc31Command arguments:
"git""checkout""425e42f815ed841d94b13a2724e7f1356cd4fc31"In directory: /srv/http/659f9b12-42b8-4521-beb6-a5e8dc8053e9/src
Exit code: 0
Output (stdout and stderr):
HEAD is now at 425e42f Chore: Prohibit cib from logging sensitive configuration
git show 425e42f815ed841d94b13a2724e7f1356cd4fc31Command arguments:
"git""show""425e42f815ed841d94b13a2724e7f1356cd4fc31"In directory: /srv/http/659f9b12-42b8-4521-beb6-a5e8dc8053e9/src
Exit code: 0
Output (stdout and stderr):
commit 425e42f815ed841d94b13a2724e7f1356cd4fc31
Author: mzampetakis <mzampetakis@gmail.com>
Date: Mon Sep 23 22:37:14 2024 +0300
Chore: Prohibit cib from logging sensitive configuration
Changed debug2 with a newly added func adapter_config in cib
wchich logs adapter's configuration without the sensitive
environment variables.
Signed-off-by: Michalis Zampetakis <mzampetakis@gmail.com>
diff --git a/src/bin/cib.rs b/src/bin/cib.rs
index f5c240e..a40b4e4 100644
--- a/src/bin/cib.rs
+++ b/src/bin/cib.rs
@@ -141,7 +141,7 @@ impl QueuedCmd {
let adapter = Adapter::new(&spec.command)
.with_environment(spec.envs())
.with_environment(spec.sensitive_envs());
- logger::debug2(format!("default adapter: {adapter:?}"));
+ logger::adapter_config(&config);
broker.set_default_adapter(&adapter);
let mut event_notifications = NotificationChannel::default();
@@ -215,7 +215,7 @@ impl ProcessEventsCmd {
let adapter = Adapter::new(&spec.command)
.with_environment(spec.envs())
.with_environment(spec.sensitive_envs());
- logger::debug2(format!("default adapter: {adapter:?}"));
+ logger::adapter_config(&config);
broker.set_default_adapter(&adapter);
let processor = QueueProcessorBuilder::default()
diff --git a/src/logger.rs b/src/logger.rs
index 191ea4d..7fb3601 100644
--- a/src/logger.rs
+++ b/src/logger.rs
@@ -67,6 +67,9 @@ pub fn end_cib_in_error() {
pub fn loaded_config(config: &Config) {
debug!(slog_scope::logger(), "loaded configuration {config:#?}");
}
+pub fn adapter_config(config: &Config) {
+ debug!(slog_scope::logger(), "adapter configuration {config:#?}");
+}
pub fn queueproc_start() {
info!(
timeout 600 bash -c set -xeuo pipefail
cargo --version
rustc --version
cargo fmt --check
cargo clippy --all-targets --workspace -- -Dwarnings
cargo build --all-targets --workspace
cargo doc --workspace
cargo test --workspace --no-fail-fast
subplot docgen ci-broker.subplot -o doc/ci-broker.html
make -C doc publish
Command arguments:
"timeout""600""bash""-c""set -xeuo pipefail\ncargo --version\nrustc --version\n\ncargo fmt --check\ncargo clippy --all-targets --workspace -- -Dwarnings\ncargo build --all-targets --workspace\ncargo doc --workspace\ncargo test --workspace --no-fail-fast\n\nsubplot docgen ci-broker.subplot -o doc/ci-broker.html\nmake -C doc publish\n"In directory: /srv/http/659f9b12-42b8-4521-beb6-a5e8dc8053e9/src
Exit code: 101
Output (stdout and stderr):
+ cargo --version
cargo 1.80.1 (376290515 2024-07-16)
+ rustc --version
rustc 1.80.1 (3f5fd8dd4 2024-08-06)
+ cargo fmt --check
+ cargo clippy --all-targets --workspace -- -Dwarnings
Compiling proc-macro2 v1.0.86
Compiling unicode-ident v1.0.13
Compiling version_check v0.9.5
Compiling libc v0.2.158
Compiling typenum v1.17.0
Checking cfg-if v1.0.0
Compiling serde v1.0.210
Compiling shlex v1.3.0
Compiling thiserror v1.0.63
Compiling memchr v2.7.4
Compiling once_cell v1.20.0
Compiling byteorder v1.5.0
Compiling syn v1.0.109
Checking subtle v2.6.1
Compiling bitflags v2.6.0
Compiling pkg-config v0.3.30
Compiling rustix v0.38.37
Compiling crossbeam-utils v0.8.20
Compiling linux-raw-sys v0.4.14
Compiling anyhow v1.0.89
Compiling itoa v1.0.11
Compiling regex-syntax v0.8.4
Compiling generic-array v0.14.7
Compiling ahash v0.8.11
Compiling log v0.4.22
Checking cpufeatures v0.2.14
Compiling time-core v0.1.2
Compiling allocator-api2 v0.2.18
Compiling same-file v1.0.6
Compiling num-conv v0.1.0
Compiling aho-corasick v1.1.3
Compiling utf8parse v0.2.2
Compiling anstyle-parse v0.2.5
Compiling time-macros v0.2.18
Compiling walkdir v2.5.0
Compiling anstyle-query v1.1.1
Compiling ucd-trie v0.1.6
Compiling colorchoice v1.0.2
Compiling anstyle v1.0.8
Compiling is_terminal_polyfill v1.70.1
Compiling bstr v1.10.0
Compiling quote v1.0.37
Compiling vcpkg v0.2.15
Compiling powerfmt v0.2.0
Compiling unic-char-range v0.9.0
Compiling anstream v0.6.15
Compiling doc-comment v0.3.3
Compiling syn v2.0.77
Compiling jobserver v0.1.32
Compiling getrandom v0.2.15
Compiling crossbeam-epoch v0.9.18
Compiling unicode-width v0.1.13
Compiling rand_core v0.6.4
Compiling heck v0.5.0
Compiling cc v1.1.19
Compiling unic-common v0.9.0
Compiling libm v0.2.8
Compiling unic-ucd-version v0.9.0
Compiling crossbeam-deque v0.8.5
Compiling deranged v0.3.11
Compiling unic-char-property v0.9.0
Compiling unicase v2.7.0
Compiling proc-macro-error-attr v1.0.4
Compiling encoding_rs v0.8.34
Compiling fastrand v2.1.1
Compiling strsim v0.11.1
Checking tinyvec_macros v0.1.1
Compiling serde_json v1.0.128
Compiling clap_lex v0.7.2
Compiling arraydeque v0.5.1
Checking crypto-common v0.1.6
Checking block-padding v0.3.3
Checking block-buffer v0.10.4
Checking universal-hash v0.5.1
Checking inout v0.1.3
Compiling clap_builder v4.5.17
Checking tinyvec v1.8.0
Checking digest v0.10.7
Compiling unic-ucd-segment v0.9.0
Checking cipher v0.4.4
Compiling proc-macro-error v1.0.4
Compiling ryu v1.0.18
Compiling unicode-linebreak v0.1.5
Compiling pulldown-cmark v0.12.1
Compiling time v0.3.36
Compiling regex-automata v0.4.7
Compiling tempfile v3.12.0
Checking signature v1.6.4
Compiling deunicode v1.6.0
Checking opaque-debug v0.3.1
Compiling smawk v0.3.2
Compiling amplify_syn v2.0.1
Compiling slug v0.1.6
Checking unicode-normalization v0.1.23
Compiling textwrap v0.16.1
Compiling humansize v2.1.3
Checking ed25519 v1.5.3
Compiling unic-segment v0.9.0
Compiling getopts v0.2.21
Compiling subplot v0.11.0
Compiling pulldown-cmark-escape v0.11.0
Compiling lazy_static v1.5.0
Compiling libz-sys v1.1.20
Compiling pikchr v0.1.3
Compiling libgit2-sys v0.17.0+1.8.1
Checking amplify_num v0.5.3
Compiling humantime v2.1.0
Checking ct-codecs v1.1.2
Checking ascii v1.1.0
Checking percent-encoding v2.3.1
Compiling utf8-width v0.1.7
Checking unicode-bidi v0.3.15
Compiling html-escape v0.2.13
Checking form_urlencoded v1.2.1
Checking ec25519 v0.1.0
Compiling sqlite3-src v0.5.1
Checking polyval v0.6.2
Compiling amplify_derive v4.0.1
Checking sha2 v0.10.8
Compiling tracing-core v0.1.32
Checking idna v0.5.0
Compiling line-col v0.2.1
Checking base64ct v1.6.0
Compiling pin-project-lite v0.2.14
Compiling file_diff v1.0.0
Compiling base64 v0.22.1
Checking keccak v0.1.5
Checking pem-rfc7468 v0.7.0
Checking sha3 v0.10.8
Checking ghash v0.5.1
Checking aes v0.8.4
Compiling globset v0.4.15
Compiling regex v1.10.6
Checking ctr v0.9.2
Checking aead v0.5.2
Checking hashbrown v0.14.5
Checking base32 v0.4.0
Compiling cfg_aliases v0.2.1
Compiling data-encoding v2.6.0
Checking equivalent v1.0.1
Compiling nix v0.29.0
Compiling ignore v0.4.23
Compiling env_filter v0.1.2
Checking aes-gcm v0.10.3
Checking ssh-encoding v0.2.0
Compiling env_logger v0.11.5
Checking blowfish v0.9.1
Checking indexmap v2.5.0
Checking poly1305 v0.8.0
Checking chacha20 v0.9.1
Checking cbc v0.1.2
Checking pbkdf2 v0.12.2
Compiling adler2 v2.0.0
Checking radicle-std-ext v0.1.0
Checking zeroize v1.8.1
Compiling globwalk v0.9.1
Compiling miniz_oxide v0.8.0
Checking ssh-cipher v0.2.0
Compiling data-encoding-macro-internal v0.1.13
Checking bcrypt-pbkdf v0.10.0
Checking rand v0.8.5
Compiling xattr v1.3.1
Compiling filetime v0.2.25
Compiling crc32fast v1.4.2
Compiling slog v2.7.0
Checking signature v2.2.0
Checking base-x v0.2.11
Checking ssh-key v0.6.6
Compiling tar v0.4.41
Compiling flate2 v1.0.33
Checking qcheck v1.0.0
Checking data-encoding-macro v0.1.15
Checking cvt v0.1.2
Checking multibase v0.9.1
Compiling glob v0.3.1
Checking terminal_size v0.3.0
Checking radicle-dag v0.9.0
Checking amplify v4.7.0
Checking normpath v1.3.0
Compiling serde_yml v0.0.11
Checking base64 v0.21.7
Checking fs2 v0.4.3
Compiling radicle-surf v0.22.1
Checking state v0.5.3
Checking arc-swap v1.7.1
Checking unescape v0.1.0
Checking crossbeam-channel v0.5.13
Checking cyphergraphy v0.3.0
Checking siphasher v1.0.1
Checking shell-words v1.1.0
Checking fs_at v0.2.1
Checking libyml v0.0.4
Compiling serde_derive v1.0.210
Compiling thiserror-impl v1.0.63
Compiling zerocopy-derive v0.7.35
Compiling clap_derive v4.5.13
Compiling git-testament-derive v0.2.0
Compiling tracing-attributes v0.1.27
Checking cypheraddr v0.4.0
Compiling culpa-macros v1.0.2
Checking remove_dir_all v0.8.3
Checking html-page v0.4.0
Checking slog-scope v4.4.0
Checking socks5-client v0.4.1
Checking uuid v1.10.0
Checking cyphernet v0.5.2
Compiling ctor v0.2.8
Compiling git-testament v0.2.5
Compiling zerocopy v0.7.35
Compiling culpa v1.0.2
Compiling pest v2.7.12
Compiling git-ref-format-core v0.3.1
Checking radicle-ssh v0.9.0
Compiling subplotlib-derive v0.11.0
Compiling tracing v0.1.40
Compiling ppv-lite86 v0.2.20
Compiling git-ref-format-macro v0.3.1
Compiling clap v4.5.17
Compiling rand_chacha v0.3.1
Compiling hashlink v0.8.4
Compiling hashlink v0.9.1
Compiling pest_meta v2.7.12
Compiling yaml-rust2 v0.8.1
Compiling tempfile-fast v0.3.4
Compiling pest_generator v2.7.12
Compiling pest_derive v2.7.12
Checking url v2.5.2
Checking nonempty v0.9.0
Checking localtime v1.3.1
Compiling serde_path_to_error v0.1.16
Checking git-ref-format v0.3.1
Compiling marked-yaml v0.7.1
Checking slog-json v2.6.1
Compiling roadmap v0.6.1
Compiling tera v1.20.0
Checking git2 v0.19.0
Checking radicle-git-ext v0.8.1
Compiling subplot-build v0.11.0
Compiling subplotlib v0.11.0
Compiling radicle-ci-broker v0.6.3 (/srv/http/659f9b12-42b8-4521-beb6-a5e8dc8053e9/src)
Checking sqlite3-sys v0.15.2
Checking sqlite v0.32.0
Checking radicle-crypto v0.11.0
Checking radicle-cob v0.12.0
Checking radicle v0.13.0
error: this expression creates a reference which is immediately dereferenced by the compiler
--> src/bin/cib.rs:144:32
|
144 | logger::adapter_config(&config);
| ^^^^^^^ help: change this to: `config`
|
= help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrow
= note: `-D clippy::needless-borrow` implied by `-D warnings`
= help: to override `-D warnings` add `#[allow(clippy::needless_borrow)]`
error: this expression creates a reference which is immediately dereferenced by the compiler
--> src/bin/cib.rs:218:32
|
218 | logger::adapter_config(&config);
| ^^^^^^^ help: change this to: `config`
|
= help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrow
error: could not compile `radicle-ci-broker` (bin "cib") due to 2 previous errors
warning: build failed, waiting for other jobs to finish...
error: could not compile `radicle-ci-broker` (bin "cib" test) due to 2 previous errors