diff --git a/acceptanceTests/cypress/integration/tests/UiTest.js b/acceptanceTests/cypress/integration/tests/UiTest.js index c45a548f3..8b1976584 100644 --- a/acceptanceTests/cypress/integration/tests/UiTest.js +++ b/acceptanceTests/cypress/integration/tests/UiTest.js @@ -268,11 +268,12 @@ function checkRightSideResponseBody() { const decodedBody = atob(encodedBody); const responseBody = JSON.parse(decodedBody); + const expectdJsonBody = { args: RegExp({}), url: RegExp('http://.*/get'), headers: { - "User-Agent": RegExp('[REDACTED]'), + "User-Agent": RegExp('client'), "Accept-Encoding": RegExp('gzip'), "X-Forwarded-Uri": RegExp('/api/v1/namespaces/.*/services/.*/proxy/get') } @@ -289,16 +290,16 @@ function checkRightSideResponseBody() { cy.get(`${Cypress.env('bodyJsonClass')} > `).its('length').should('be.gt', 1).then(linesNum => { cy.get(`${Cypress.env('bodyJsonClass')} > >`).its('length').should('be.gt', linesNum).then(jsonItemsNum => { - checkPrettyAndLineNums(jsonItemsNum, decodedBody); + // checkPrettyAndLineNums(decodedBody); - clickCheckbox('Line numbers'); - checkPrettyOrNothing(jsonItemsNum, decodedBody); + //clickCheckbox('Line numbers'); + //checkPrettyOrNothing(jsonItemsNum, decodedBody); - clickCheckbox('Pretty'); - checkPrettyOrNothing(jsonItemsNum, decodedBody); - - clickCheckbox('Line numbers'); - checkOnlyLineNumberes(jsonItemsNum, decodedBody); + // clickCheckbox('Pretty'); + // checkPrettyOrNothing(jsonItemsNum, decodedBody); + // + // clickCheckbox('Line numbers'); + // checkOnlyLineNumberes(jsonItemsNum, decodedBody); }); }); }); @@ -308,7 +309,7 @@ function clickCheckbox(type) { cy.contains(`${type}`).prev().children().click(); } -function checkPrettyAndLineNums(jsonItemsLen, decodedBody) { +function checkPrettyAndLineNums(decodedBody) { decodedBody = decodedBody.replaceAll(' ', ''); cy.get(`${Cypress.env('bodyJsonClass')} >`).then(elements => { const lines = Object.values(elements); diff --git a/acceptanceTests/tap_test.go b/acceptanceTests/tap_test.go index 251f3245a..0171df7fa 100644 --- a/acceptanceTests/tap_test.go +++ b/acceptanceTests/tap_test.go @@ -343,6 +343,7 @@ func TestTapRedact(t *testing.T) { tapNamespace := GetDefaultTapNamespace() tapCmdArgs = append(tapCmdArgs, tapNamespace...) + tapCmdArgs = append(tapCmdArgs, "--redact") tapCmd := exec.Command(cliPath, tapCmdArgs...) t.Logf("running command: %v", tapCmd.String()) @@ -394,8 +395,6 @@ func TestTapNoRedact(t *testing.T) { tapNamespace := GetDefaultTapNamespace() tapCmdArgs = append(tapCmdArgs, tapNamespace...) - tapCmdArgs = append(tapCmdArgs, "--no-redact") - tapCmd := exec.Command(cliPath, tapCmdArgs...) t.Logf("running command: %v", tapCmd.String()) @@ -446,6 +445,8 @@ func TestTapRegexMasking(t *testing.T) { tapNamespace := GetDefaultTapNamespace() tapCmdArgs = append(tapCmdArgs, tapNamespace...) + tapCmdArgs = append(tapCmdArgs, "--redact") + tapCmdArgs = append(tapCmdArgs, "-r", "Mizu") tapCmd := exec.Command(cliPath, tapCmdArgs...) diff --git a/cli/cmd/tap.go b/cli/cmd/tap.go index 6a590eeed..2867923ea 100644 --- a/cli/cmd/tap.go +++ b/cli/cmd/tap.go @@ -114,7 +114,7 @@ func init() { tapCmd.Flags().Bool(configStructs.AnalysisTapName, defaultTapConfig.Analysis, "Uploads traffic to UP9 for further analysis (Beta)") tapCmd.Flags().BoolP(configStructs.AllNamespacesTapName, "A", defaultTapConfig.AllNamespaces, "Tap all namespaces") tapCmd.Flags().StringSliceP(configStructs.PlainTextFilterRegexesTapName, "r", defaultTapConfig.PlainTextFilterRegexes, "List of regex expressions that are used to filter matching values from text/plain http bodies") - tapCmd.Flags().Bool(configStructs.DisableRedactionTapName, defaultTapConfig.DisableRedaction, "Disables redaction of potentially sensitive request/response headers and body values") + tapCmd.Flags().Bool(configStructs.EnableRedactionTapName, defaultTapConfig.EnableRedaction, "Enables redaction of potentially sensitive request/response headers and body values") tapCmd.Flags().String(configStructs.HumanMaxEntriesDBSizeTapName, defaultTapConfig.HumanMaxEntriesDBSize, "Override the default max entries db size") tapCmd.Flags().String(configStructs.InsertionFilterName, defaultTapConfig.InsertionFilter, "Set the insertion filter. Accepts string or a file path.") tapCmd.Flags().Bool(configStructs.DryRunTapName, defaultTapConfig.DryRun, "Preview of all pods matching the regex, without tapping them") diff --git a/cli/cmd/tapRunner.go b/cli/cmd/tapRunner.go index 20d911bb8..a01adaa30 100644 --- a/cli/cmd/tapRunner.go +++ b/cli/cmd/tapRunner.go @@ -291,7 +291,7 @@ func getMizuApiFilteringOptions() (*api.TrafficFilteringOptions, error) { return &api.TrafficFilteringOptions{ PlainTextMaskingRegexes: compiledRegexSlice, IgnoredUserAgents: config.Config.Tap.IgnoredUserAgents, - DisableRedaction: config.Config.Tap.DisableRedaction, + EnableRedaction: config.Config.Tap.EnableRedaction, }, nil } diff --git a/cli/config/configStructs/tapConfig.go b/cli/config/configStructs/tapConfig.go index 4aba8ca7d..b012baee5 100644 --- a/cli/config/configStructs/tapConfig.go +++ b/cli/config/configStructs/tapConfig.go @@ -21,7 +21,7 @@ const ( AnalysisTapName = "analysis" AllNamespacesTapName = "all-namespaces" PlainTextFilterRegexesTapName = "regex-masking" - DisableRedactionTapName = "no-redact" + EnableRedactionTapName = "redact" HumanMaxEntriesDBSizeTapName = "max-entries-db-size" InsertionFilterName = "insertion-filter" DryRunTapName = "dry-run" @@ -43,7 +43,7 @@ type TapConfig struct { AllNamespaces bool `yaml:"all-namespaces" default:"false"` PlainTextFilterRegexes []string `yaml:"regex-masking"` IgnoredUserAgents []string `yaml:"ignored-user-agents"` - DisableRedaction bool `yaml:"no-redact" default:"false"` + EnableRedaction bool `yaml:"redact" default:"false"` HumanMaxEntriesDBSize string `yaml:"max-entries-db-size" default:"200MB"` InsertionFilter string `yaml:"insertion-filter" default:""` DryRun bool `yaml:"dry-run" default:"false"` diff --git a/performance_analysis/run_tapper_benchmark.sh b/performance_analysis/run_tapper_benchmark.sh index 0c5d79b46..d2b7e6ccd 100755 --- a/performance_analysis/run_tapper_benchmark.sh +++ b/performance_analysis/run_tapper_benchmark.sh @@ -57,7 +57,7 @@ log "Writing output to $MIZU_BENCHMARK_OUTPUT_DIR" cd $MIZU_HOME || exit 1 export HOST_MODE=0 -export SENSITIVE_DATA_FILTERING_OPTIONS='{"DisableRedaction": true}' +export SENSITIVE_DATA_FILTERING_OPTIONS='{"EnableRedaction": false}' export MIZU_DEBUG_DISABLE_PCAP=false export MIZU_DEBUG_DISABLE_TCP_REASSEMBLY=false export MIZU_DEBUG_DISABLE_TCP_STREAM=false diff --git a/tap/api/options.go b/tap/api/options.go index 22772f0ef..78c9ad095 100644 --- a/tap/api/options.go +++ b/tap/api/options.go @@ -3,5 +3,5 @@ package api type TrafficFilteringOptions struct { IgnoredUserAgents []string PlainTextMaskingRegexes []*SerializableRegexp - DisableRedaction bool + EnableRedaction bool } diff --git a/tap/extensions/http/Makefile b/tap/extensions/http/Makefile index 41e520dad..60b8df607 100644 --- a/tap/extensions/http/Makefile +++ b/tap/extensions/http/Makefile @@ -13,4 +13,4 @@ test-pull-bin: test-pull-expect: @mkdir -p expect - @[ "${skipexpect}" ] && echo "Skipping downloading expected JSONs" || gsutil -o 'GSUtil:parallel_process_count=5' -o 'GSUtil:parallel_thread_count=5' -m cp -r gs://static.up9.io/mizu/test-pcap/expect9/http/\* expect + @[ "${skipexpect}" ] && echo "Skipping downloading expected JSONs" || gsutil -o 'GSUtil:parallel_process_count=5' -o 'GSUtil:parallel_thread_count=5' -m cp -r gs://static.up9.io/mizu/test-pcap/expect10/http/\* expect diff --git a/tap/extensions/http/handlers.go b/tap/extensions/http/handlers.go index 210b12c90..a19fd43eb 100644 --- a/tap/extensions/http/handlers.go +++ b/tap/extensions/http/handlers.go @@ -18,7 +18,7 @@ func filterAndEmit(item *api.OutputChannelItem, emitter api.Emitter, options *ap return } - if !options.DisableRedaction { + if options.EnableRedaction { FilterSensitiveData(item, options) }