projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch 'master' into 14723-cwl-multiple-file-targets
[arvados.git] / services / api / config / initializers / lograge.rb
diff --git a/services/api/config/initializers/lograge.rb b/services/api/config/initializers/lograge.rb
index e5bd2002fae3c07a0758263add95c5bfb7189613..07dba3aef4ff9bb64db8c1236a73c0c97c15a794 100644 (file)
--- a/services/api/config/initializers/lograge.rb
+++ b/services/api/config/initializers/lograge.rb
@@ -1,14 +1,48 @@
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
+require 'safe_json'
+
 Server::Application.configure do
   config.lograge.enabled = true
   config.lograge.formatter = Lograge::Formatters::Logstash.new
   config.lograge.custom_options = lambda do |event|
+    payload = {
+      request_id: event.payload[:request_id],
+      client_ipaddr: event.payload[:client_ipaddr],
+      client_auth: event.payload[:client_auth],
+    }
     exceptions = %w(controller action format id)
     params = event.payload[:params].except(*exceptions)
-    params_s = Oj.dump(params)
-    if params_s.length > 1000
-      { params_truncated: params_s[0..1000] + "[...]" }
+
+    # Omit secret_mounts field if supplied in create/update request
+    # body.
+    [
+      ['container', 'secret_mounts'],
+      ['container_request', 'secret_mounts'],
+    ].each do |resource, field|
+      if params[resource].is_a? Hash
+        params[resource] = params[resource].except(field)
+      end
+    end
+
+    # Redact new_user_token param in /arvados/v1/users/merge
+    # request. Log the auth UUID instead, if the token exists.
+    if params['new_user_token'].is_a? String
+      params['new_user_token_uuid'] =
+        ApiClientAuthorization.
+          where('api_token = ?', params['new_user_token']).
+          first.andand.uuid
+      params['new_user_token'] = '[...]'
+    end
+
+    params_s = SafeJSON.dump(params)
+    if params_s.length > Rails.configuration.SystemLogs["MaxRequestLogParamsSize"]
+      payload[:params_truncated] = params_s[0..Rails.configuration.SystemLogs["MaxRequestLogParamsSize"]] + "[...]"
     else
-      { params: params }
+      payload[:params] = params
     end
+    payload
   end
 end