From 789e6d2f5565217ef456460d7769b1b1cd725ce0 Mon Sep 17 00:00:00 2001 From: Jesse Glick Date: Wed, 23 Jun 2021 14:56:33 -0400 Subject: [PATCH] Use `SecretPatterns` from `MaskingConsoleLogFilter` --- pom.xml | 7 ++- .../MaskingConsoleLogFilter.java | 56 +------------------ 2 files changed, 8 insertions(+), 55 deletions(-) diff --git a/pom.xml b/pom.xml index 93f5799..0eeb6f1 100644 --- a/pom.xml +++ b/pom.xml @@ -63,7 +63,7 @@ io.jenkins.tools.bom bom-2.277.x - 807.v6d348e44c987 + 876.vc43b4c6423b6 import pom @@ -114,6 +114,11 @@ workflow-api true + + org.jenkins-ci.plugins + credentials-binding + 1.26-rc457.6dc28f0f8735 + org.jenkins-ci.plugins.workflow workflow-support diff --git a/src/main/java/org/jenkinsci/plugins/azurekeyvaultplugin/MaskingConsoleLogFilter.java b/src/main/java/org/jenkinsci/plugins/azurekeyvaultplugin/MaskingConsoleLogFilter.java index 2b7cb38..c0e21d4 100644 --- a/src/main/java/org/jenkinsci/plugins/azurekeyvaultplugin/MaskingConsoleLogFilter.java +++ b/src/main/java/org/jenkinsci/plugins/azurekeyvaultplugin/MaskingConsoleLogFilter.java @@ -1,19 +1,12 @@ package org.jenkinsci.plugins.azurekeyvaultplugin; import hudson.console.ConsoleLogFilter; -import hudson.console.LineTransformationOutputStream; import hudson.model.Run; -import java.io.IOException; import java.io.OutputStream; import java.io.Serializable; -import java.util.ArrayList; -import java.util.Collection; import java.util.List; -import java.util.regex.Matcher; -import java.util.regex.Pattern; -import org.apache.commons.lang3.StringUtils; +import org.jenkinsci.plugins.credentialsbinding.masking.SecretPatterns; -/*The logic in this class is borrowed from https://github.com/jenkinsci/credentials-binding-plugin/*/ public class MaskingConsoleLogFilter extends ConsoleLogFilter implements Serializable { private static final long serialVersionUID = 1L; @@ -34,52 +27,7 @@ public OutputStream decorateLogger( Run run, final OutputStream logger ) { - return new LineTransformationOutputStream() { - Pattern p; - - @Override - protected void eol(byte[] b, int len) throws IOException { - p = Pattern.compile(getPatternStringForSecrets(valuesToMask)); - if (StringUtils.isBlank(p.pattern())) { - logger.write(b, 0, len); - return; - } - Matcher m = p.matcher(new String(b, 0, len, charsetName)); - if (m.find()) { - logger.write(m.replaceAll("****").getBytes(charsetName)); - } else { - // Avoid byte → char → byte conversion unless we are actually doing something. - logger.write(b, 0, len); - } - } - }; + return new SecretPatterns.MaskingOutputStream(logger, () -> SecretPatterns.getAggregateSecretPattern(valuesToMask), charsetName); } - /** - * Utility method for turning a collection of secret strings into a single {@link String} for pattern compilation. - * - * @param secrets A collection of secret strings - * @return A {@link String} generated from that collection. - */ - public static String getPatternStringForSecrets(Collection secrets) { - if (secrets == null) { - return ""; - } - StringBuilder b = new StringBuilder(); - List sortedByLength = new ArrayList<>(secrets.size()); - for (String secret : secrets) { - if (secret != null) { - sortedByLength.add(secret); - } - } - sortedByLength.sort((o1, o2) -> o2.length() - o1.length()); - - for (String secret : sortedByLength) { - if (b.length() > 0) { - b.append('|'); - } - b.append(Pattern.quote(secret)); - } - return b.toString(); - } }