Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[recorder] Sanitize tokens in recorded tests for auth #14431

Closed
annelo-msft opened this issue Mar 23, 2021 · 5 comments
Closed

[recorder] Sanitize tokens in recorded tests for auth #14431

annelo-msft opened this issue Mar 23, 2021 · 5 comments
Assignees
@jeremymeng @HarshaNalluru
Labels
Client This issue points to a problem in the data-plane of the library. test-utils-recorder Label for the issues related to the common recorder
Milestone
[2022] March

Comments

@annelo-msft
Copy link
Member

We'll need to sanitize token values in both headers and message bodies in our tests once.

In the .NET test framework, I needed to add:

  • Sanitization for tokens in headers values
  • Sanitization for tokens in message bodies

For message bodies, .NET did not support sanitization of application/x-www-form-urlencoded content types. This needed to be added specially to the ACR-specific sanitizer.

I don't know how the test framework works in other languages, but this issue represents the work to investigate and implement sanitization in recorded tests so we don't check in secrets in our test recordings.
@annelo-msft annelo-msft added Client This issue points to a problem in the data-plane of the library. Container Registry labels Mar 23, 2021
@annelo-msft annelo-msft added this to the [2021] April milestone Mar 23, 2021
@HarshaNalluru
Copy link
Member

Thanks for the issue @annelo-msft.
Can you point me to the PR or the code that you have added to .NET test framework for reference?

@annelo-msft
Copy link
Member Author

Sure!

Here is the PR: Azure/azure-sdk-for-net#19696

You can see the ContainerRegistryRecordedTestSanitizer class I added for .NET here: https://github.com/Azure/azure-sdk-for-net/pull/19696/files?file-filters%5B%5D=.cs#diff-df9ae6fe8cf7eaf74104691a4fe7b2aeb4890d35aa6432ec4688154451429879R11

@jeremymeng jeremymeng changed the title Sanitize tokens in recorded tests for auth [ContainerRegistry] Sanitize tokens in recorded tests for auth Mar 23, 2021
@jeremymeng jeremymeng changed the title [ContainerRegistry] Sanitize tokens in recorded tests for auth Sanitize tokens in recorded tests for auth Mar 23, 2021
@HarshaNalluru HarshaNalluru modified the milestones: [2021] April, [2021] May Apr 2, 2021
@jeremymeng
Copy link
Contributor

Currently done in ACR

@jeremymeng jeremymeng changed the title Sanitize tokens in recorded tests for auth [ACR] Sanitize tokens in recorded tests for auth Apr 8, 2021
@jeremymeng jeremymeng changed the title [ACR] Sanitize tokens in recorded tests for auth [recorder] Sanitize tokens in recorded tests for auth Apr 8, 2021
@jeremymeng jeremymeng added test-utils-recorder Label for the issues related to the common recorder and removed Container Registry labels May 6, 2021
@jeremymeng jeremymeng modified the milestones: [2021] May, [2021] June May 12, 2021
@jeremymeng jeremymeng modified the milestones: [2021] December, Backlog Nov 30, 2021
@jeremymeng
Copy link
Contributor

I believe this has been addressed in the unified recorder?

@HarshaNalluru HarshaNalluru modified the milestones: Backlog, [2022] March Feb 15, 2022
@HarshaNalluru
Copy link
Member

Yes 😎

@github-actions github-actions bot locked and limited conversation to collaborators Apr 12, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@jeremymeng jeremymeng

@HarshaNalluru HarshaNalluru

Labels
Client This issue points to a problem in the data-plane of the library. test-utils-recorder Label for the issues related to the common recorder
Projects
None yet
Milestone
[2022] March
Development

No branches or pull requests
3 participants
@jeremymeng @HarshaNalluru @annelo-msft