From 0f2051e606940e682403a5551611361dd5243451 Mon Sep 17 00:00:00 2001
From: Gabe Cook <gabe565@gmail.com>
Date: Sun, 18 Sep 2022 01:20:32 -0500
Subject: [PATCH] :lock: Redact password from logs

---
 internal/log_hooks/redact.go | 30 ++++++++++++++++++++++++++++++
 internal/util/cmd_setup.go   |  2 ++
 2 files changed, 32 insertions(+)
 create mode 100644 internal/log_hooks/redact.go

diff --git a/internal/log_hooks/redact.go b/internal/log_hooks/redact.go
new file mode 100644
index 00000000..a945b54c
--- /dev/null
+++ b/internal/log_hooks/redact.go
@@ -0,0 +1,30 @@
+package log_hooks
+
+import (
+	"fmt"
+	log "github.com/sirupsen/logrus"
+	"strings"
+)
+
+// Redact will redact a secret from log output
+type Redact string
+
+func (r Redact) Levels() []log.Level {
+	return log.AllLevels
+}
+
+func (r Redact) Fire(entry *log.Entry) error {
+	entry.Message = strings.ReplaceAll(entry.Message, string(r), "***")
+
+	for i, field := range entry.Data {
+		switch field := field.(type) {
+		case string:
+			entry.Data[i] = strings.ReplaceAll(field, string(r), "***")
+		default:
+			if field, ok := field.(fmt.Stringer); ok {
+				entry.Data[i] = strings.ReplaceAll(field.String(), string(r), "***")
+			}
+		}
+	}
+	return nil
+}
diff --git a/internal/util/cmd_setup.go b/internal/util/cmd_setup.go
index 561aba87..271f67d6 100644
--- a/internal/util/cmd_setup.go
+++ b/internal/util/cmd_setup.go
@@ -7,6 +7,7 @@ import (
 	"github.com/clevyr/kubedb/internal/config"
 	"github.com/clevyr/kubedb/internal/database"
 	"github.com/clevyr/kubedb/internal/kubernetes"
+	"github.com/clevyr/kubedb/internal/log_hooks"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 	v1 "k8s.io/api/core/v1"
@@ -139,6 +140,7 @@ func DefaultSetup(cmd *cobra.Command, conf *config.Global) (err error) {
 			return err
 		}
 	}
+	log.AddHook(log_hooks.Redact(conf.Password))
 
 	return nil
 }