Dump Pod Status in logs instead of complete PodSpec (#1506)

* Dump Only Pod Status instead of all pod spec in case of error * Update SafeDumpPodStatusObject to use pod object as input * Remove SafeDumpPodStatusObject func * Fix Lint * Update pkg/kube/pod.go Co-authored-by: Pavan Navarathna <6504783+pavannd1@users.noreply.github.com> Co-authored-by: Pavan Navarathna <6504783+pavannd1@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
kanisterio · Jun 28, 2022 · 3e48f2d · 3e48f2d
1 parent 26959e7
commit 3e48f2d
Show file tree

Hide file tree

Showing 3 changed files with 1 addition and 115 deletions.
diff --git a/pkg/kube/pod.go b/pkg/kube/pod.go
@@ -299,7 +299,7 @@ func WaitForPodCompletion(ctx context.Context, cli kubernetes.Interface, namespa
 		}
 		switch p.Status.Phase {
 		case v1.PodFailed:
-			return false, errors.Errorf("Pod %s failed. Pod details (%s)", name, log.SafeDumpPodObject(p))
+			return false, errors.Errorf("Pod %s failed. Pod status: %s", name, p.Status.String())
 		}
 		return p.Status.Phase == v1.PodSucceeded, nil
 	})

diff --git a/pkg/log/log.go b/pkg/log/log.go
@@ -10,7 +10,6 @@ import (
 
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
-	v1 "k8s.io/api/core/v1"
 
 	"github.com/kanisterio/kanister/pkg/caller"
 	"github.com/kanisterio/kanister/pkg/config"
@@ -31,8 +30,6 @@ const (
 	// LevelVarName is the environment variable that controls
 	// init log levels
 	LevelEnvName = "LOG_LEVEL"
-
-	redactString = "<*****>"
 )
 
 // OutputSink describes the current output sink.
@@ -257,20 +254,3 @@ func entryToJSON(entry *logrus.Entry) []byte {
 
 	return bytes
 }
-
-// SafeDumpPodObject redacts commands and args in Pod manifest to hide sensitive info,
-// converts Pod object into string and returns it
-func SafeDumpPodObject(pod *v1.Pod) string {
-	if pod == nil {
-		return ""
-	}
-	for i := range pod.Spec.Containers {
-		if pod.Spec.Containers[i].Command != nil {
-			pod.Spec.Containers[i].Command = []string{redactString}
-		}
-		if pod.Spec.Containers[i].Args != nil {
-			pod.Spec.Containers[i].Args = []string{redactString}
-		}
-	}
-	return pod.String()
-}
diff --git a/pkg/log/log_test.go b/pkg/log/log_test.go
@@ -5,16 +5,12 @@ import (
 	"context"
 	"encoding/json"
 	"errors"
-	"fmt"
 	"os"
-	"strings"
 	"testing"
 	"time"
 
 	"github.com/sirupsen/logrus"
 	. "gopkg.in/check.v1"
-	corev1 "k8s.io/api/core/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
 	"github.com/kanisterio/kanister/pkg/field"
 )
@@ -157,93 +153,3 @@ func (s *LogSuite) TestLogLevel(c *C) {
 	c.Assert(entry, NotNil)
 	c.Assert(entry["msg"], Equals, "Testing debug level")
 }
-
-func (s *LogSuite) TestSafeDumpPodObject(c *C) {
-	for _, tc := range []struct {
-		pod        *corev1.Pod
-		expCommand string
-		expArgs    string
-	}{
-		// Nil Pod object
-		{
-			pod: nil,
-		},
-		// Pod object with command and arg set
-		{
-			pod: &corev1.Pod{
-				TypeMeta: metav1.TypeMeta{
-					Kind:       "Pod",
-					APIVersion: "v1",
-				},
-				ObjectMeta: metav1.ObjectMeta{
-					Name: "test",
-				},
-				Spec: corev1.PodSpec{
-					Containers: []corev1.Container{
-						corev1.Container{
-							Name:            "test",
-							Image:           "nginx:1.12",
-							ImagePullPolicy: corev1.PullPolicy("IfNotPresent"),
-							Command:         []string{"sh", "-c"},
-							Args:            []string{"username=\"admin\", password=\"admin123\""},
-						},
-					},
-				},
-			},
-			expCommand: redactString,
-			expArgs:    redactString,
-		},
-		// Pod object without command or arg set
-		{
-			pod: &corev1.Pod{
-				TypeMeta: metav1.TypeMeta{
-					Kind:       "Pod",
-					APIVersion: "v1",
-				},
-				ObjectMeta: metav1.ObjectMeta{
-					Name: "test",
-				},
-				Spec: corev1.PodSpec{
-					Containers: []corev1.Container{
-						corev1.Container{
-							Name:            "test",
-							Image:           "nginx:1.12",
-							ImagePullPolicy: corev1.PullPolicy("IfNotPresent"),
-						},
-					},
-				},
-			},
-		},
-		// Pod object with only command set
-		{
-			pod: &corev1.Pod{
-				TypeMeta: metav1.TypeMeta{
-					Kind:       "Pod",
-					APIVersion: "v1",
-				},
-				ObjectMeta: metav1.ObjectMeta{
-					Name: "test",
-				},
-				Spec: corev1.PodSpec{
-					Containers: []corev1.Container{
-						corev1.Container{
-							Name:            "test",
-							Image:           "nginx:1.12",
-							ImagePullPolicy: corev1.PullPolicy("IfNotPresent"),
-							Command:         []string{"sh", "-c", "kando location push --profile '{\"Location\":{\"type\":\"s3Compliant\",\"bucket\":\"kanister.io\",\"endpoint\":\"\",\"prefix\":\"\",\"region\":\"ap-south-1\"},\"Credential\":{\"Type\":\"keyPair\",\"KeyPair\":{\"ID\":\"AKIAPEXAMPLE\",\"Secret\":\"5q1aiajkSAKEXAMPLE\"},\"Secret\":null},\"SkipSSLVerify\":false}' --path \"pg_backups/test-postgresql-instance-xwqp10ywg/2020-01-02T06:58:28Z/backup.tar.gz\""},
-						},
-					},
-				},
-			},
-			expCommand: redactString,
-		},
-	} {
-		s := SafeDumpPodObject(tc.pod)
-		if tc.pod == nil {
-			c.Assert(s, Equals, "")
-			continue
-		}
-		c.Assert(strings.Contains(s, fmt.Sprintf("Command:[%s]", tc.expCommand)), Equals, true)
-		c.Assert(strings.Contains(s, fmt.Sprintf("Args:[%s]", tc.expArgs)), Equals, true)
-	}
-}