sigs.k8s.io/cluster-api-provider-azure@v1.14.3/hack/log/redact.sh (about) 1 #!/usr/bin/env bash 2 3 # Copyright 2020 The Kubernetes Authors. 4 # 5 # Licensed under the Apache License, Version 2.0 (the "License"); 6 # you may not use this file except in compliance with the License. 7 # You may obtain a copy of the License at 8 # 9 # http://www.apache.org/licenses/LICENSE-2.0 10 # 11 # Unless required by applicable law or agreed to in writing, software 12 # distributed under the License is distributed on an "AS IS" BASIS, 13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 # See the License for the specific language governing permissions and 15 # limitations under the License. 16 17 set -o errexit 18 set -o nounset 19 set -o pipefail 20 21 echo "================ REDACTING LOGS ================" 22 23 log_files=() 24 while IFS='' read -r line; do log_files+=("$line"); done < <(find "${ARTIFACTS:-${PWD}/_artifacts}" -type f) 25 redact_vars=( 26 "${AZURE_CLIENT_ID:-}" 27 "${AZURE_CLIENT_SECRET:-}" 28 "${AZURE_SUBSCRIPTION_ID:-}" 29 "${AZURE_TENANT_ID:-}" 30 "${AZURE_JSON_B64:-}" 31 "$(echo -n "${AZURE_SUBSCRIPTION_ID:-}" | base64 | tr -d '\n')" 32 "$(echo -n "${AZURE_TENANT_ID:-}" | base64 | tr -d '\n')" 33 "$(echo -n "${AZURE_CLIENT_ID:-}" | base64 | tr -d '\n')" 34 "$(echo -n "${AZURE_CLIENT_SECRET:-}" | base64 | tr -d '\n')" 35 ) 36 37 for log_file in "${log_files[@]}"; do 38 for redact_var in "${redact_vars[@]}"; do 39 # LC_CTYPE=C and LANG=C will prevent "illegal byte sequence" error from sed 40 if [[ "$(uname)" == "Darwin" ]]; then 41 # sed on Mac OS requires an empty string for -i flag 42 LC_CTYPE=C LANG=C sed -i "" "s|${redact_var}|===REDACTED===|g" "${log_file}" &> /dev/null || true 43 else 44 LC_CTYPE=C LANG=C sed -i "s|${redact_var}|===REDACTED===|g" "${log_file}" &> /dev/null || true 45 fi 46 done 47 done 48 49 echo "All sensitive variables are redacted"