Skip to content

Resolve "redact logs in verbose mode"

aguestuser requested to merge 291-redact-logs-in-verbose-mode into master

Closes #291 (closed)

Context

  • to help us chase down perf issues, we'd like to log all messages we put onto and read off of the signald socket, but that would leak message contents and lots of phone numbers!!!
  • this MR introduces a redacted logging schema for safely logging all signald messages that will allow us to always log verbosely
  • while at it, it cleans up some of the behavior of the metrics module

Changes

  • add add util.redact to hash phone numbers message contents
    • use variant of djb's efficient string-hashing algo: https://github.com/darkskyapp/string-hash
    • salt with secret in prod (added to .env files), provide default for dev/test
    • expose the string-hashing function (which bakes in salting) and redact function for use in rest of app
  • log redacted versions of all messages written to / read from the signald socket when in verbose mode:
    • use util.redact to log redacted versions of all message read from or written to signald socket when in verbose mode (in dispatcher.index and socket.write, respectively)
    • modify util.redact so that it automatically skips redaction in development env (but automatically does redact in all other envs)
    • extract extra ------ noise for signald message logging to a util.emphasize helper shared between dispatcher and socket.write
  • provide various cleanups to the metrics module:
    • always redacting channel phone numbers (so there are no phone numbers at all in our logs anymore!)
    • fixing a register/registry naming bug that caused us to not be able to log default node metrics like memory/CPU usage
    • labeling signald messages with no channel phone number as coming from SYSTEM
    • replacing the channelPhoneNumber
  • sprinkle in some dev/maintainer ergonomic niceties:
    • provide hash of channel phone numbers as part of output of boost list-channels
      • this allows maintainers to deduce a channel phone number from metrics to offer emergency support
      • we should strip this (and the phone number and channel name) once support needs stabilize
    • provide new make scripts for running app at various levels of verbosity:
      • make dev.up.v logs signald messages verbosely
      • make dev.up omits prometheus/grafana for cleaner logs
      • make.dev.metrics includes prometheus/grafana for locally testing new metrics features
      • provide dev.restart.v and dev.restart.metrics as well!
Edited by aguestuser

Merge request reports