Merge branch 'sh-allow-key-id-in-params' into 'master'

Filter any parameters ending with "key" in logs See merge request gitlab-org/gitlab-ce!21688
2018-09-11 23:09:03 +00:00 · 2018-09-11 23:09:03 +00:00 · 32062a9154
commit 32062a9154
parent a2be6536e9 5c79c68ee7
2 changed files with 7 additions and 3 deletions
--- a/changelogs/unreleased/sh-allow-key-id-in-params.yml
+++ b/changelogs/unreleased/sh-allow-key-id-in-params.yml
@ -0,0 +1,5 @@
+---
+title: Filter any parameters ending with "key" in logs
+merge_request: 21688
+author:
+type: changed
--- a/config/application.rb
+++ b/config/application.rb
@ -85,6 +85,7 @@ module Gitlab
    # - Any parameter ending with `token`
    # - Any parameter containing `password`
    # - Any parameter containing `secret`
+    # - Any parameter ending with `key`
    # - Two-factor tokens (:otp_attempt)
    # - Repo/Project Import URLs (:import_url)
    # - Build traces (:trace)
@ -92,15 +93,13 @@ module Gitlab
    # - GitLab Pages SSL cert/key info (:certificate, :encrypted_key)
    # - Webhook URLs (:hook)
    # - Sentry DSN (:sentry_dsn)
-    # - Deploy keys (:key)
    # - File content from Web Editor (:content)
-    config.filter_parameters += [/token$/, /password/, /secret/]
+    config.filter_parameters += [/token$/, /password/, /secret/, /key$/]
    config.filter_parameters += %i(
      certificate
      encrypted_key
      hook
      import_url
-      key
      otp_attempt
      sentry_dsn
      trace