Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F3744803
D12819.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
2 KB
Referenced Files
None
Subscribers
None
D12819.diff
View Options
diff --git a/services/identity/src/config.rs b/services/identity/src/config.rs
--- a/services/identity/src/config.rs
+++ b/services/identity/src/config.rs
@@ -12,8 +12,8 @@
cors::ALLOW_ORIGIN_LIST, cors::PROD_ORIGIN_HOST_STR,
DEFAULT_OPENSEARCH_ENDPOINT, DEFAULT_TUNNELBROKER_ENDPOINT,
KEYSERVER_PUBLIC_KEY, LOCALSTACK_ENDPOINT, OPAQUE_SERVER_SETUP,
- OPENSEARCH_ENDPOINT, SECRETS_DIRECTORY, SECRETS_SETUP_FILE,
- TUNNELBROKER_GRPC_ENDPOINT,
+ OPENSEARCH_ENDPOINT, REDACT_SENSITIVE_DATA, SECRETS_DIRECTORY,
+ SECRETS_SETUP_FILE, TUNNELBROKER_GRPC_ENDPOINT,
};
/// Raw CLI arguments, should be only used internally to create ServerConfig
@@ -60,6 +60,11 @@
#[arg(env = ALLOW_ORIGIN_LIST)]
#[arg(value_delimiter = ',')]
allow_origin_list: Option<Vec<String>>,
+
+ /// Redact sensitive data
+ #[arg(long, global = true, default_value_t = false)]
+ #[arg(env = REDACT_SENSITIVE_DATA)]
+ redact_sensitive_data: bool,
}
#[derive(Subcommand)]
@@ -85,6 +90,7 @@
pub tunnelbroker_endpoint: String,
pub opensearch_endpoint: String,
pub allow_origin: Option<AllowOrigin>,
+ pub redact_sensitive_data: bool,
}
impl ServerConfig {
@@ -119,6 +125,7 @@
server_setup,
keyserver_public_key,
allow_origin,
+ redact_sensitive_data: cli.redact_sensitive_data,
})
}
}
diff --git a/services/identity/src/constants.rs b/services/identity/src/constants.rs
--- a/services/identity/src/constants.rs
+++ b/services/identity/src/constants.rs
@@ -331,6 +331,7 @@
// Tracing
pub const COMM_SERVICES_USE_JSON_LOGS: &str = "COMM_SERVICES_USE_JSON_LOGS";
+pub const REDACT_SENSITIVE_DATA: &str = "REDACT_SENSITIVE_DATA";
// Regex
diff --git a/services/terraform/remote/service_identity.tf b/services/terraform/remote/service_identity.tf
--- a/services/terraform/remote/service_identity.tf
+++ b/services/terraform/remote/service_identity.tf
@@ -87,6 +87,10 @@
{
name = "COMM_SERVICES_USE_JSON_LOGS",
value = local.comm_services_use_json_logs
+ },
+ {
+ name = "REDACT_SENSITIVE_DATA",
+ value = local.is_staging ? "false" : "true"
}
]
secrets = [
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Fri, Jan 10, 3:50 PM (15 h, 18 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2852125
Default Alt Text
D12819.diff (2 KB)
Attached To
Mode
D12819: [identity] redact_sensitive_data config
Attached
Detach File
Event Timeline
Log In to Comment