zware/awx
1
0
Fork 0
mirror of https://github.com/ZwareBear/awx.git synced 2026-05-04 07:51:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

only sanitize project update events for the scm modules

Browse Source 
these are the only modules in the project update playbook that actually
utilize the SCM URL (which is what potentially contains sensitive data)
This commit is contained in:
Ryan Petrello
2020-05-01 09:58:25 -04:00
parent 99c7f2f70d
commit bf65b40241
2 changed files with 21 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
awx/main/tasks.py
View File

@@ -1232,10 +1232,12 @@ class BaseTask(object):
# this is a _little_ expensive to filter
# with regex, but project updates don't have many events,
# so it *should* have a negligible performance impact
task = event_data.get('event_data', {}).get('task_action')
try:
event_data_json = json.dumps(event_data)
event_data_json = UriCleaner.remove_sensitive(event_data_json)
event_data = json.loads(event_data_json)
if task in ('git', 'hg', 'svn'):
event_data_json = json.dumps(event_data)
event_data_json = UriCleaner.remove_sensitive(event_data_json)
event_data = json.loads(event_data_json)
except json.JSONDecodeError:
pass