Skip to content

fix: logging of unredacted payloads through OperationDescription in audit events#22879

Open
marevers wants to merge 4 commits intogoharbor:mainfrom
marevers:fix-op-description-redact
Open

fix: logging of unredacted payloads through OperationDescription in audit events#22879
marevers wants to merge 4 commits intogoharbor:mainfrom
marevers:fix-op-description-redact

Conversation

@marevers
Copy link

@marevers marevers commented Feb 26, 2026
edited by Vad1mo
Loading

Thank you for contributing to Harbor!

Comprehensive Summary of your change

Changes the OperationDescription field in audit events to have the redacted payload, rather than the original payload. This makes sure secrets are properly redacted in the visible log entries in the Harbor portal.

Issue being fixed

Fixes #22878

Please indicate you've done the following:

  • Well Written Title and Summary of the PR
  • Label the PR as needed. "release-note/ignore-for-release, release-note/new-feature, release-note/update, release-note/enhancement, release-note/community, release-note/breaking-change, release-note/docs, release-note/infra, release-note/deprecation"
  • Accepted the DCO. Commits without the DCO will delay acceptance.
  • Made sure tests are passing and test coverage is added if needed.
  • Considered the docs impact and opened a new docs issue or PR with docs changes if needed in website repository.

@marevers
Send redacted payload to operation description
b2a1ec7 
Signed-off-by: Martijn Evers <mevers@gk-software.com>
@marevers marevers requested a review from a team as a code owner February 26, 2026 09:38
@Vad1mo Vad1mo added the release-note/update Update or Fix label Feb 26, 2026
@codecov
Copy link

codecov bot commented Feb 26, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 66.00%. Comparing base (c8c11b4) to head (b2a1ec7).
⚠️ Report is 678 commits behind head on main.

Additional details and impacted files

Impacted file tree graph

@@             Coverage Diff             @@
##             main   #22879       +/-   ##
===========================================
+ Coverage   45.36%   66.00%   +20.63%     
===========================================
  Files         244     1074      +830     
  Lines       13333   116417   +103084     
  Branches     2719     2937      +218     
===========================================
+ Hits         6049    76844    +70795     
- Misses       6983    35325    +28342     
- Partials      301     4248     +3947
Flag Coverage Δ
unittests 66.00% <100.00%> (+20.63%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
src/pkg/auditext/event/config/config.go 78.57% <100.00%> (ø)

... and 988 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@stonezdj stonezdj

@wy65701436 wy65701436

@MinerYang MinerYang

Labels

release-note/update Update or Fix

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Operation description in logs is showing unredacted secrets

5 participants

@marevers @Vad1mo @stonezdj @wy65701436 @MinerYang