From 5f1961ec25efda9b2e7f69a000b407704b63f56b Mon Sep 17 00:00:00 2001 From: unl0ck Date: Thu, 26 Dec 2024 23:09:21 +0000 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20FIX:=20fixed=20sensitive=20data?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .bumpversion-edge.toml | 2 +- .github/workflows/builder.yaml | 3 ++ GridboxConnectorAddon-edge/CHANGELOG.md | 6 +++ .../GridboxConnector/utils.py | 39 +++++++------------ GridboxConnectorAddon-edge/cloudSettings.json | 2 +- GridboxConnectorAddon-edge/config.yaml | 2 +- .../rootfs/share/cloudSettings.json | 2 +- 7 files changed, 26 insertions(+), 30 deletions(-) diff --git a/.bumpversion-edge.toml b/.bumpversion-edge.toml index 54c7d81..1056b5d 100644 --- a/.bumpversion-edge.toml +++ b/.bumpversion-edge.toml @@ -1,5 +1,5 @@ [tool.bumpversion] -current_version = "2.11.26" +current_version = "2.11.27" parse = "(?P\\d+)\\.(?P\\d+)\\.(?P\\d+)" serialize = ["{major}.{minor}.{patch}"] search = "{current_version}" diff --git a/.github/workflows/builder.yaml b/.github/workflows/builder.yaml index 2530573..33041ec 100644 --- a/.github/workflows/builder.yaml +++ b/.github/workflows/builder.yaml @@ -109,4 +109,7 @@ jobs: --target /data/${{ matrix.addon }} \ --image "${{ steps.check.outputs.image }}" \ --docker-hub "ghcr.io/${{ github.repository_owner }}" \ + --cosign \ --addon + env: + LOGFIRE_TOKEN: ${{ secrets.LOGFIRE_TOKEN }} diff --git a/GridboxConnectorAddon-edge/CHANGELOG.md b/GridboxConnectorAddon-edge/CHANGELOG.md index 3e52db4..d35a45d 100644 --- a/GridboxConnectorAddon-edge/CHANGELOG.md +++ b/GridboxConnectorAddon-edge/CHANGELOG.md @@ -1,5 +1,11 @@ +## 2.11.27 + +### 🔨 Fixed + +- sensitive filter fixed + ## 2.11.26 ### 🚀 Added diff --git a/GridboxConnectorAddon-edge/GridboxConnector/utils.py b/GridboxConnectorAddon-edge/GridboxConnector/utils.py index 54f45e3..9cd17dc 100644 --- a/GridboxConnectorAddon-edge/GridboxConnector/utils.py +++ b/GridboxConnectorAddon-edge/GridboxConnector/utils.py @@ -6,32 +6,19 @@ class SensitiveDataFilter(logging.Filter): def filter(self, record): message = record.getMessage() - # try: - # literal_msg = ast.literal_eval(message) - # # Sensible Daten filtern, falls vorhanden - # if 'username' in literal_msg: - # literal_msg['username'] = '***' - # if 'password' in literal_msg: - # literal_msg['password'] = '***' - # if 'id_token' in literal_msg: - # literal_msg['id_token'] = '***' - # if 'access_token' in literal_msg: - # literal_msg['access_token'] = '***' - # if 'client_id' in literal_msg: - # literal_msg['client_id'] = '***' - # # Das modifizierte Dictionary zurück in einen String konvertieren - # record.msg = json.dumps(literal_msg) - # except Exception as e: - # logging.error(f"Error filtering sensitive data: {e}") - # pass - message = record.getMessage() - # Sensible Daten filtern, falls vorhanden - message = re.sub(r'username=[\'"].+?[\'"]', 'username="***"', message) - message = re.sub(r'password=[\'"].+?[\'"]', 'password="***"', message) - message = re.sub(r'id_token=[\'"].+?[\'"]', 'id_token="***"', message) - message = re.sub(r'access_token=[\'"].+?[\'"]', 'access_token="***"', message) - message = re.sub(r'client_id=[\'"].+?[\'"]', 'client_id="***"', message) - record.msg = message + try: + message_json = json.loads(message) + # Sensible Daten filtern, falls vorhanden + sensitive_keys = ['username', 'password', 'id_token', 'access_token', 'client_id'] + for key in sensitive_keys: + if key in message_json: + message_json[key] = '***' + # Das modifizierte JSON-Objekt zurück in einen String konvertieren + record.msg = json.dumps(message_json) + except json.JSONDecodeError: + logging.error("Error decoding JSON message") + except Exception as e: + logging.error(f"Error filtering sensitive data: {e}") return True def get_bool_env(var, default=False): diff --git a/GridboxConnectorAddon-edge/cloudSettings.json b/GridboxConnectorAddon-edge/cloudSettings.json index d8961d8..fce5033 100644 --- a/GridboxConnectorAddon-edge/cloudSettings.json +++ b/GridboxConnectorAddon-edge/cloudSettings.json @@ -1,5 +1,5 @@ { - "version": "2.11.26", + "version": "2.11.27", "urls": { "login": "https://gridx.eu.auth0.com/oauth/token", "gateways": "https://api.gridx.de/gateways", diff --git a/GridboxConnectorAddon-edge/config.yaml b/GridboxConnectorAddon-edge/config.yaml index 7a26657..132891a 100644 --- a/GridboxConnectorAddon-edge/config.yaml +++ b/GridboxConnectorAddon-edge/config.yaml @@ -1,7 +1,7 @@ # https://developers.home-assistant.io/docs/add-ons/configuration#add-on-config --- name: Viessmann Gridbox Connector (edge) -version: "2.11.26" +version: "2.11.27" slug: "gridbox_connector_edge" description: "Viessmann Gridbox Connector (edge)" url: "https://github.com/unl0ck/homeassistant-addon-viessmann-gridbox/tree/main/GridboxConnectorAddon-edge" diff --git a/GridboxConnectorAddon-edge/rootfs/share/cloudSettings.json b/GridboxConnectorAddon-edge/rootfs/share/cloudSettings.json index d8961d8..fce5033 100644 --- a/GridboxConnectorAddon-edge/rootfs/share/cloudSettings.json +++ b/GridboxConnectorAddon-edge/rootfs/share/cloudSettings.json @@ -1,5 +1,5 @@ { - "version": "2.11.26", + "version": "2.11.27", "urls": { "login": "https://gridx.eu.auth0.com/oauth/token", "gateways": "https://api.gridx.de/gateways",