MCPcopy Index your code
hub / github.com/databus23/helm-diff / redactSecrets

Function redactSecrets

diff/diff.go:355–403  ·  view source on GitHub ↗

redactSecrets redacts secrets from the diff output.

(old, new *manifest.MappingResult)

Source from the content-addressed store, hash-verified

353
354// redactSecrets redacts secrets from the diff output.
355func redactSecrets(old, new *manifest.MappingResult) {
356 if (old != nil && old.Kind != kindSecret) || (new != nil && new.Kind != kindSecret) {
357 return
358 }
359 serializer := json.NewYAMLSerializer(json.DefaultMetaFactory, scheme.Scheme, scheme.Scheme)
360
361 oldSecret, newSecret, oldSecretDecodeErr, newSecretDecodeErr := preHandleSecrets(old, new)
362
363 if old != nil && oldSecretDecodeErr == nil {
364 oldSecret.StringData = make(map[string]string, len(oldSecret.Data))
365 for k, v := range oldSecret.Data {
366 if new != nil && bytes.Equal(v, newSecret.Data[k]) {
367 oldSecret.StringData[k] = fmt.Sprintf("REDACTED # (%d bytes)", len(v))
368 } else {
369 oldSecret.StringData[k] = fmt.Sprintf("-------- # (%d bytes)", len(v))
370 }
371 }
372 }
373 if new != nil && newSecretDecodeErr == nil {
374 newSecret.StringData = make(map[string]string, len(newSecret.Data))
375 for k, v := range newSecret.Data {
376 if old != nil && bytes.Equal(v, oldSecret.Data[k]) {
377 newSecret.StringData[k] = fmt.Sprintf("REDACTED # (%d bytes)", len(v))
378 } else {
379 newSecret.StringData[k] = fmt.Sprintf("++++++++ # (%d bytes)", len(v))
380 }
381 }
382 }
383
384 // remove Data field now that we are using StringData for serialization
385 if old != nil && oldSecretDecodeErr == nil {
386 oldSecretBuf := bytes.NewBuffer(nil)
387 oldSecret.Data = nil
388 if err := serializer.Encode(&oldSecret, oldSecretBuf); err != nil {
389 new.Content = fmt.Sprintf("Error encoding new secret: %s", err)
390 }
391 old.Content = getComment(old.Content) + strings.Replace(strings.Replace(oldSecretBuf.String(), "stringData", "data", 1), " creationTimestamp: null\n", "", 1)
392 oldSecretBuf.Reset()
393 }
394 if new != nil && newSecretDecodeErr == nil {
395 newSecretBuf := bytes.NewBuffer(nil)
396 newSecret.Data = nil
397 if err := serializer.Encode(&newSecret, newSecretBuf); err != nil {
398 new.Content = fmt.Sprintf("Error encoding new secret: %s", err)
399 }
400 new.Content = getComment(new.Content) + strings.Replace(strings.Replace(newSecretBuf.String(), "stringData", "data", 1), " creationTimestamp: null\n", "", 1)
401 newSecretBuf.Reset()
402 }
403}
404
405// decodeSecrets decodes secrets from the diff output.
406func decodeSecrets(old, new *manifest.MappingResult) {

Callers 3

contentSearchFunction · 0.85
doDiffFunction · 0.85
TestRedactSecretsFunction · 0.85

Calls 3

preHandleSecretsFunction · 0.85
getCommentFunction · 0.85
StringMethod · 0.45

Tested by 1

TestRedactSecretsFunction · 0.68