fix(workspace): redact GitHub tokens in container logs#81
Open
fshehadeh-sfl wants to merge 1 commit into
Open
Conversation
Clone URLs and docker -e env args were logged in plaintext, exposing gho_/ghu_ GitHub tokens to anyone reading orchestrator logs (OWASP A09). Apply redactUrls to rootCloneUrl and a new redactDockerArgs helper to the agent/review container command debug logs. Refs #22792
There was a problem hiding this comment.
Pull request overview
This PR addresses a security issue where GitHub access tokens could be leaked into host/container logs by ensuring token-bearing clone URLs and Docker command arguments are redacted before being written to logs, strengthening the workspace runner’s operational security.
Changes:
- Redacts URL-embedded credentials when logging the root clone URL for multi-push-target workspace preparation.
- Introduces
redactDockerArgs()to sanitize Docker argv arrays (sensitiveNAME=VALUEenvs, URL credentials, and token-shaped values) before debug logging. - Adds unit tests to ensure redaction removes GitHub token formats across common leak patterns.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
src/workspace/workspaceRunner.ts |
Applies redaction to clone URL and Docker argv debug logs for agent/review containers to prevent token leakage. |
src/utils/redactUrl.ts |
Adds redactDockerArgs() and supporting patterns for masking sensitive env assignments and token-like values. |
tests/unit/redactUrl.test.ts |
Adds unit coverage validating URL and Docker-argv redaction against multiple token leak scenarios. |
Comment on lines
+11
to
+13
| /** Env-var names whose values must never be logged. */ | ||
| const SENSITIVE_KEY = | ||
| /(TOKEN|SECRET|PASSWORD|PASSWD|PASSPHRASE|CREDENTIAL|PRIVATE_KEY|API[_-]?KEY|\bKEY\b|AUTH|PAT)/i; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes Redmine #22792. GitHub access tokens were written to the orchestrator logs in plaintext, so anyone with read access to
docker logs ve-orchestrator(or host journald/log files) could recover live GitHub credentials (OWASP A09:2021 — Security Logging Failures).Leak locations (both in
src/workspace/workspaceRunner.ts)rootCloneUrl: root.cloneUrl, which containshttps://x-access-token:gho_...@github.com/....GITHUB_TOKENenv var — the "agent container command" (and "review container command") debug log dumped the fulldockerArgsarray, including-e GITHUB_TOKEN=ghu_...in cleartext.Fix
redactUrlshelper for therootCloneUrlfield.redactDockerArgshelper (src/utils/redactUrl.ts) that masks the value of any sensitiveNAME=VALUEargument (*TOKEN*,*SECRET*,*PASSWORD*,*AUTH*, etc.), strips URL-embedded credentials, and masks stray GitHub token-shaped values. Applied to both the agent and review container command debug logs.Tests
tests/unit/redactUrl.test.ts— 5 new tests asserting tokens never survive redaction (clone URLs, sensitive env assignments, URL-bearing args, stray token-shaped values).Operational note
Tokens already captured in existing logs should be rotated independently of this code fix.
Validation
npm run typecheck— zero errorsnpm run lint— cleannpx vitest run tests/unit/redactUrl.test.ts— 5 passed