Commit 40c38644 authored by Robert Speicher

Merge branch 'add-parameters' into 'master'

Add more parameters to the filter_parameters config.

Adds Sentry DSN, Webhooks, Deploy Keys, etc.

Alphabetized the parameters and included line breaks between each parameter. Easier to merge into EE if there are any differences.

This also seems to be the more popular syntax for adding new parameters, from what I can find.

In the future we may want to [increase the specificity of some of these](http://blog.bigbinary.com/2016/03/07/parameter-filtering-enhacement-rails-5.html) once Rails 5 is out. e.g. instead of `:hook`, `"hook.url"` would be just as effective without removing potentially useful information from the logs.

cc: @stanhu 

See merge request !3971
parents 11773f3f 8d3debe4
...@@ -32,7 +32,30 @@ module Gitlab ...@@ -32,7 +32,30 @@ module Gitlab
config.encoding = "utf-8" config.encoding = "utf-8"
# Configure sensitive parameters which will be filtered from the log file. # Configure sensitive parameters which will be filtered from the log file.
config.filter_parameters.push(:password, :password_confirmation, :private_token, :otp_attempt, :variables, :import_url) #
# Parameters filtered:
# - Password (:password, :password_confirmation)
# - Private tokens (:private_token)
# - Two-factor tokens (:otp_attempt)
# - Repo/Project Import URLs (:import_url)
# - Build variables (:variables)
# - GitLab Pages SSL cert/key info (:certificate, :encrypted_key)
# - Webhook URLs (:hook)
# - Sentry DSN (:sentry_dsn)
# - Deploy keys (:key)
config.filter_parameters += %i(
certificate
encrypted_key
hook
import_url
key
otp_attempt
password
password_confirmation
private_token
sentry_dsn
variables
)
# Enable escaping HTML in JSON. # Enable escaping HTML in JSON.
config.active_support.escape_html_entities_in_json = true config.active_support.escape_html_entities_in_json = true
......
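Review bot: `key` and `hook` in the new `%i(...)` list are very broad names for what the comment block says they protect (deploy keys and webhook URLs). Rails matches symbol entries in `filter_parameters` as case-insensitive substrings of the parameter name, so `key` also masks any parameter whose name merely contains "key". That makes the separate `encrypted_key` entry redundant and can hide non-secret values from the logs. Consider anchored patterns such as `/\Akey\z/`, or state in the comment that the broad match is intentional. The comment block also lists the parameters in a different order from the alphabetized array, so the two can drift apart; keeping both in the same order would make an omission easier to spot.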