88 lines
2.7 KiB
Erlang
88 lines
2.7 KiB
Erlang
%%--------------------------------------------------------------------
|
|
%% Copyright (c) 2021-2022 EMQ Technologies Co., Ltd. All Rights Reserved.
|
|
%%
|
|
%% Licensed under the Apache License, Version 2.0 (the "License");
|
|
%% you may not use this file except in compliance with the License.
|
|
%% You may obtain a copy of the License at
|
|
%%
|
|
%% http://www.apache.org/licenses/LICENSE-2.0
|
|
%%
|
|
%% Unless required by applicable law or agreed to in writing, software
|
|
%% distributed under the License is distributed on an "AS IS" BASIS,
|
|
%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
%% See the License for the specific language governing permissions and
|
|
%% limitations under the License.
|
|
%%--------------------------------------------------------------------
|
|
|
|
%% Collection of functions for creating node dumps
|
|
-module(emqx_node_dump).
|
|
|
|
-export([ sys_info/0
|
|
, app_env_dump/0
|
|
]).
|
|
|
|
sys_info() ->
|
|
#{ release => emqx_app:get_release()
|
|
, otp_version => emqx_vm:get_otp_version()
|
|
}.
|
|
|
|
app_env_dump() ->
|
|
censor(ets:tab2list(ac_tab)).
|
|
|
|
censor([]) ->
|
|
[];
|
|
censor([{{env, App, Key}, Val} | Rest]) ->
|
|
[{{env, App, Key}, censor([Key, App], Val)} | censor(Rest)];
|
|
censor([_ | Rest]) ->
|
|
censor(Rest).
|
|
|
|
censor(Path, {Key, Val}) when is_atom(Key) ->
|
|
{Key, censor([Key|Path], Val)};
|
|
censor(Path, M) when is_map(M) ->
|
|
Fun = fun(Key, Val) ->
|
|
censor([Key|Path], Val)
|
|
end,
|
|
maps:map(Fun, M);
|
|
censor(Path, L = [Fst|_]) when is_tuple(Fst) ->
|
|
[censor(Path, I) || I <- L];
|
|
censor([Key | _], Val) ->
|
|
case is_sensitive(Key) of
|
|
true -> obfuscate_value(Val);
|
|
false -> Val
|
|
end.
|
|
|
|
is_sensitive(Key) when is_atom(Key) ->
|
|
is_sensitive(atom_to_binary(Key, utf8));
|
|
is_sensitive(Key) when is_list(Key) ->
|
|
try iolist_to_binary(Key) of
|
|
Bin ->
|
|
is_sensitive(Bin)
|
|
catch
|
|
_ : _ ->
|
|
false
|
|
end;
|
|
is_sensitive(Key) when is_binary(Key) ->
|
|
lists:any(fun(Pattern) -> re:run(Key, Pattern) =/= nomatch end,
|
|
["passwd", "password", "secret"]);
|
|
is_sensitive(Key) when is_tuple(Key) ->
|
|
false.
|
|
|
|
obfuscate_value(Val) when is_binary(Val) ->
|
|
<<"********">>;
|
|
obfuscate_value(_Val) ->
|
|
"********".
|
|
|
|
-ifdef(TEST).
|
|
|
|
-include_lib("eunit/include/eunit.hrl").
|
|
|
|
censor_test() ->
|
|
?assertMatch( [{{env, emqx, listeners}, #{password := <<"********">>}}]
|
|
, censor([foo, {{env, emqx, listeners}, #{password => <<"secret">>}}, {app, bar}])
|
|
),
|
|
?assertMatch( [{{env, emqx, listeners}, [{foo, 1}, {password, "********"}]}]
|
|
, censor([{{env, emqx, listeners}, [{foo, 1}, {password, "secret"}]}])
|
|
).
|
|
|
|
-endif. %% TEST
|