github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add --experimental-logging-sanitization flag to Kubelet

Browse Source 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>
This commit is contained in:
Marek Siarkowicz
2020-11-09 16:24:07 +01:00
parent f170d33e1f
commit 8e60d75c15
7 changed files with 15 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
staging/src/k8s.io/component-base/config/types.go
View File

@@ -80,9 +80,12 @@ type DebuggingConfiguration struct {
}
// LoggingConfiguration contains logging options
// Refer [Logs Options](https://github.com/kubernetes/component-base/blob/master/logs/options.go) for more information.
type LoggingConfiguration struct {
// Format Flag specifies the structure of log messages.
// default value of format is `text`
// Refer [Logs Options](https://github.com/kubernetes/component-base/blob/master/logs/options.go) for more information.
Format string
// [Experimental] When enabled prevents logging of fields tagged as sensitive (passwords, keys, tokens).
// Runtime log sanitization may introduce significant computation overhead and therefore should not be enabled in production.`)
Sanitization bool
}

5
staging/src/k8s.io/component-base/config/v1alpha1/types.go
View File

@@ -82,9 +82,12 @@ type ClientConnectionConfiguration struct {
}
// LoggingConfiguration contains logging options
// Refer [Logs Options](https://github.com/kubernetes/component-base/blob/master/logs/options.go) for more information.
type LoggingConfiguration struct {
// Format Flag specifies the structure of log messages.
// default value of format is `text`
// Refer [Logs Options](https://github.com/kubernetes/component-base/blob/master/logs/options.go) for more information.
Format string `json:"format,omitempty"`
// [Experimental] When enabled prevents logging of fields tagged as sensitive (passwords, keys, tokens).
// Runtime log sanitization may introduce significant computation overhead and therefore should not be enabled in production.`)
Sanitization bool `json:"sanitization,omitempty"`
}

2
staging/src/k8s.io/component-base/config/v1alpha1/zz_generated.conversion.go generated
View File

@@ -143,10 +143,12 @@ func autoConvert_config_LeaderElectionConfiguration_To_v1alpha1_LeaderElectionCo
func autoConvert_v1alpha1_LoggingConfiguration_To_config_LoggingConfiguration(in *LoggingConfiguration, out *config.LoggingConfiguration, s conversion.Scope) error {
out.Format = in.Format
out.Sanitization = in.Sanitization
return nil
}
func autoConvert_config_LoggingConfiguration_To_v1alpha1_LoggingConfiguration(in *config.LoggingConfiguration, out *LoggingConfiguration, s conversion.Scope) error {
out.Format = in.Format
out.Sanitization = in.Sanitization
return nil
}

2
staging/src/k8s.io/component-base/logs/options.go
View File

@@ -90,7 +90,7 @@ func (o *Options) AddFlags(fs *pflag.FlagSet) {
// No new log formats should be added after generation is of flag options
logRegistry.Freeze()
fs.BoolVar(&o.LogSanitization, "experimental-logging-sanitization", false, `[Experimental] When enabled prevents logging of fields that tagged as sensitive (passwords, keys, tokens).
fs.BoolVar(&o.LogSanitization, "experimental-logging-sanitization", o.LogSanitization, `[Experimental] When enabled prevents logging of fields tagged as sensitive (passwords, keys, tokens).
Runtime log sanitization may introduce significant computation overhead and therefore should not be enabled in production.`)
}