Sanitize the rbd file cmd parameter logs during qemu-img convert (through Script) (#11801)

2025-10-26 01:32:18 +02:00 · 2025-10-08 17:25:08 +05:30 · 2025-10-08 17:25:08 +05:30 · b143ddc405
commit b143ddc405
parent 9f20979bce
1 changed files with 37 additions and 7 deletions
--- a/utils/src/main/java/com/cloud/utils/script/Script.java
+++ b/utils/src/main/java/com/cloud/utils/script/Script.java
@ -29,6 +29,7 @@ import java.net.URI;
 import java.net.URISyntaxException;
 import java.net.URL;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.List;
 import java.util.Properties;
 import java.util.concurrent.Callable;
@ -157,13 +158,7 @@ public class Script implements Callable<String> {
        boolean obscureParam = false;
        for (int i = 0; i < command.length; i++) {
            String cmd = command[i];
-            if (StringUtils.isNotEmpty(cmd) && cmd.startsWith("vi://")) {
-                String[] tokens = cmd.split("@");
-                if (tokens.length >= 2) {
-                    builder.append("vi://").append("******@").append(tokens[1]).append(" ");
-                } else {
-                    builder.append("vi://").append("******").append(" ");
-                }
+            if (sanitizeViCmdParameter(cmd, builder) || sanitizeRbdFileFormatCmdParameter(cmd, builder)) {
                continue;
            }
            if (obscureParam) {
@ -181,6 +176,41 @@ public class Script implements Callable<String> {
        return builder.toString();
    }

+    private boolean sanitizeViCmdParameter(String cmd, StringBuilder builder) {
+        if (StringUtils.isEmpty(cmd) || !cmd.startsWith("vi://")) {
+            return false;
+        }
+
+        String[] tokens = cmd.split("@");
+        if (tokens.length >= 2) {
+            builder.append("vi://").append("******@").append(tokens[1]).append(" ");
+        } else {
+            builder.append("vi://").append("******").append(" ");
+        }
+        return true;
+    }
+
+    private boolean sanitizeRbdFileFormatCmdParameter(String cmd, StringBuilder builder) {
+        if (StringUtils.isEmpty(cmd) || !cmd.startsWith("rbd:") || !cmd.contains("key=")) {
+            return false;
+        }
+
+        String[] tokens = cmd.split("key=");
+        if (tokens.length != 2) {
+            return false;
+        }
+
+        String tokenWithKey = tokens[1];
+        String[] options = tokenWithKey.split(":");
+        if (options.length > 1) {
+            String optionsAfterKey = String.join(":", Arrays.copyOfRange(options, 1, options.length));
+            builder.append(tokens[0]).append("key=").append("******").append(":").append(optionsAfterKey).append(" ");
+        } else {
+            builder.append(tokens[0]).append("key=").append("******").append(" ");
+        }
+        return true;
+    }
+
    public long getTimeout() {
        return _timeout;
    }