Adding method to filter sensitive data

src/DockerMachine.js

@@ -64,10 +64,10 @@ var DockerMachine = {
   },
 
   create: function () {
-    return util.exec([DockerMachine.command(), 'create', '-d', 'virtualbox', '--virtualbox-memory', '2048', NAME]);
+    return util.exec([DockerMachine.command(), '-D', 'create', '-d', 'virtualbox', '--virtualbox-memory', '2048', NAME]);
   },
   start: function () {
-    return util.exec([DockerMachine.command(), 'start', NAME]);
+    return util.exec([DockerMachine.command(), '-D', 'start', NAME]);
   },
   stop: function () {
     return util.exec([DockerMachine.command(), 'stop', NAME]);
@@ -79,7 +79,7 @@ var DockerMachine = {
     return util.exec([DockerMachine.command(), 'rm', '-f', NAME]);
   },
   ip: function () {
-    return util.exec([DockerMachine.command(), 'ip', NAME]).then(stdout => {
+    return util.exec([DockerMachine.command(), '-D', 'ip', NAME]).then(stdout => {
       return Promise.resolve(stdout.trim().replace('\n', ''));
     });
   },

src/SetupStore.js

@@ -187,7 +187,6 @@ var SetupStore = assign(Object.create(EventEmitter.prototype), {
     yield this.updateBinaries();
     var steps = yield this.requiredSteps();
     for (let step of steps) {
-      console.log(step.name);
       _currentStep = step;
       step.percent = 0;
       while (true) {
@@ -241,6 +240,7 @@ var SetupStore = assign(Object.create(EventEmitter.prototype), {
         });
         bugsnag.notify('SetupError', err.message, {
           error: err,
+          stderr: err.message,
           step: _currentStep
         }, 'info');
         _error = err;

src/Util-test.js

@@ -0,0 +1,35 @@
+jest.dontMock('./Util');
+var util = require('./Util');
+
+describe('Util', function () {
+  describe('removeSensitiveData', function () {
+    it('filters ssh certificate data', function () {
+      var testdata = String.raw`time="2015-04-17T21:43:47-04:00" level="debug" msg="executing: ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ConnectionAttempts=30 -o LogLevel=quiet -p 50483 -i /Users/johnappleseed/.docker/machine/machines/dev2/id_rsa docker@localhost sudo mkdir -p /var/lib/boot2docker" time="2015-04-17T21:43:47-04:00" level="debug" msg="executing: ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ConnectionAttempts=30 -o LogLevel=quiet -p 50483 -i /Users/johnappleseed/.docker/machine/machines/dev2/id_rsa docker@localhost echo \"-----BEGIN CERTIFICATE-----\nMIIC+DCCAeKgAwIBAgIRANfIbsa2M94gDY+fBiBiQBkwCwYJKoZIhvcNAQELMBIx\nEDAOBgNVBAoTB2ptb3JnYW4wHhcNMTUwNDE4MDEzODAwWhcNMTgwNDAyMDEzODAw\nWjAPMQ0wCwYDVQQKEwRkZXYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\nAQEA1yamWT0bk0pRU7eiStjiXe2jkzdeI0SdJZo+bjczkl6kzNW/FmR/OkcP8gHX\nCO3fUCWkR/+rBgz3nuM1Sy0BIUo0EMQGfx17OqIJPXO+BrpCHsXlphHmbQl5bE2Y\nF+bAsGc6WCippw/caNnIHRsb6zAZVYX2AHLYY0fwIDAQABo1AwTjAOBgNVHQ8BAf8EBAMCAKAwHQYD\nVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwDwYDVR0R\nBAgwBocEwKhjZTALBgkqhkiG9w0BAQsDggEBAKBdD86+kl4X1VMjgGlNYnc42tWa\nbo1iDl/frxiLkfPSc2McAOm3AqX1ao+ynjqq1XTlBLPTQByu/oNZgA724LRJDfdG\nCKGUV8latW7rB1yhf/SZSmyhNjufuWlgCtbkw7Q/oPddzYuSOdDW8tVok9gMC0vL\naqKCWfVKkCmvGH+8/wPrkYmro/f0uwJ8ee+yrbBPlBE/qE+Lqcfr0YcXEDaS8CmL\nDjWg7KNFpA6M+/tFNQhplbjwRsCt7C4bzQu0aBIG5XH1Jr2HrKlLjWdmluPHWUL6\nX5Vh1bslYJzsSdBNZFWSKShZ+gtRpjtV7NynANDJPQNIRhDxAf4uDY9hA2c=\n-----END CERTIFICATE-----\n\" | sudo tee /var/lib/boot2docker/server.pem"
+  time="2015-04-17T21:43:47-04:00" level="debug" msg="executing: /usr/bin/VBoxManage showvminfo dev2 --machinereadable"`;
+      expect(util.removeSensitiveData(testdata).indexOf('CERTIFICATE')).toEqual(-1);
+      expect(util.removeSensitiveData(testdata).indexOf('nX5Vh1bslYJzsSdBNZFWSKShZ+gtRpjtV7NynANDJPQNIRhDxAf4uDY9hA2c')).toEqual(-1);
+      expect(util.removeSensitiveData(testdata).indexOf('<redacted>')).toNotEqual(-1);
+    });
+
+    it('filters ssh private key data', function () {
+      var testdata = String.raw`hZbuxglOtQv2AQqOp/luhZ3Y8kDs4cqRzoA1o+k+LAyjEb+Nk\nGA8=\n-----END CERTIFICATE-----\n\" | sudo tee /var/lib/boot2docker/ca.pem"
+  time="2015-04-17T21:43:47-04:00" level="debug" msg="executing: ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ConnectionAttempts=30 -o LogLevel=quiet -p 50483 -i /Users/johnappleseed/.docker/machine/machines/dev2/id_rsa docker@localhost echo \"-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA1yamWT0bk0pRU7eiStjiXe2jkzdeI0SdJZo+bjczkl6kzNW/\nFmR/OkcP8gHXCO3fUCWkR/+rBgz3nuM1Sy0BIUo0EMQGfx17OqIJPXO+BrpCHsXl\nphHmbQl5bE2YF+bAsGc6WCippczQIu5bPweeAkR1WdlkhD08tHD4o1ESe09fXx5G\nXcZFfd2xQWdvAJX3fTuGBk3IMEF2fye5b69zUyVDGbTylyjKDOi9Xxdlc4y9cOPw\nzcwQFCOJiCBYlxDO0fbinA+KigCs29Dd5U3oXbloLr3JQTE/SkxFh9W5rkX8ysY4\n2h3EnR7YIBWt/caNnIHRsb6zAZVYX2AHLYY0fwIDAQABAoIBAQDKF3TTh/G59WnU\n4D2iXnyqy8gFRVG4gP+3TV3s+w8HIr1b5j6akwVqwUs5//5zVbSYPPNF6eJESbPi\nW/s4ROq10VR8lxSfHBsfJQrW3TwWZ6gp7atbxZ6Stv6F+5CsisReLmiAXJmVsn+j\nAA9Xchk6egFcxzWCfV7jAuaZyVI53cclepm/xkGjPwrfXr+nA+UMvO6DllC6IcBF\no4+O0jVtzdMecZnQk6nWxNJjurodTTQakrNAqSMgBshn48wf3N35b+p8RtTzLJ8L\nYuHkv6OKMITIazcHadjsN8icGgIGf2BJ1CRje7j0Yzow8jwY+Pet3yxKSfXED89B\nD34AEXl5AoGBANi17og+yPFOWURUrksO/QyzlOtXcQdQu8SmkUj4ACoqF0gegQIb\nC/DNMcYxJAsPPgw/t5Ws/af8DuatYguGukmekYREVjc7DS/hPWDZzeavPd95cOw0\nuMPgJE76HJ3BSYcp1f8WKcN+xDket9CF6Qz+VX5aQSUEc333V5h7D/nzAoGBAP4o\nVCvQu5eKYmDhMFSOA0+Qm3EECRqMLoH6kpEcbMjM8+kOeI0fUuE3CX8nzs7P4py/\n0IFj2Yxl578NHJOjCpbB1UKtxLkmDH42wXXzrWJXRaWXC93dh1sl0aB6qE25FtSD\nzjYh4y1DA/t6y95YRrIqC2WhIU7eigIoujmtOFJFAoGABSKiiWX7ewRhRyY+jxbG\n1lM3FzCWRBccq/dKgBEoZ9dhf9sBMZyUdttV751gfkaZMM8duZVE2YM2ky7OoPlL\nVs1EI38/D8X9dQIAY1gl8e57J92H2IETU8ju81Qn83EOHf7WzFmpGbHaUoQw1Ocn\nc6BfREQ9QPRPDFAdKkbYRRMCgYEAl44k4xvNQUhb8blWwJUOlFt+1Z26cAI3mXp5\n+94fYH4W1Fq0uDJ9kZ7oItLyF5EPaLlY9E8+YuJBl0OSTtdicROUv/Yu4Nk3ievM\n4TE1qvavqVaw1NRM6qVao3+A7Rf57S/Lv6vldBAKR+OpviSVw5gew7OZ0RYS5caz\nhcEtXKECgYAJb7t67nococm0PsRe8Xv1SQOQjetrhzwzD1PLOSC9TrzwA22/ZktZ\neu/qfvYgOPT4LkDGVCzn8J+TAcUVnIvAnJRQTsBu55uiL8YC5jZQ8E1hBf7kskMq\nh16WD19Djv3WhfBNXBxvnagDDWw5DxmiiKzSf0k3QDDoX7wjDAV1dQ==\n-----END RSA PRIVATE KEY-----\n\" | sudo tee /var/lib/boot2docker/server-key.pem"
+  time="2015-04-17T21:43:47-04:00" level="debug" msg="executing: ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ConnectionAttempts=30 -o LogLevel=quiet -p 50483 -i /Users/johnappleseed/.docker/machine/machines/dev2/id_rsa docker@localhost echo \"-----BEGIN CERTIFICATE-----\nMIIC+DCCAeKgAwIBAgIRANfIbsa2M94gDY+fBiBiQBkwCwYJKoZIhvcNAQELMBIx\nEDAOBg`;
+      expect(util.removeSensitiveData(testdata).indexOf('PRIVATE')).toEqual(-1);
+      expect(util.removeSensitiveData(testdata).indexOf('94fYH4W1Fq0uDJ9kZ7oItLyF5EPaLlY9E8+YuJBl0OSTtdicROUv')).toEqual(-1);
+      expect(util.removeSensitiveData(testdata).indexOf('<redacted>')).toNotEqual(-1);
+    });
+
+    it('filters username data', function () {
+      var testdata = String.raw`-o UserKnownHostsFile=/dev/null -o ConnectionAttempts=30 -o LogLevel=quiet -p 50483 -i /Users/johnappleseed/.docker/machine/machines/dev2/id_rsa docker@localhost echo`;
+      expect(util.removeSensitiveData(testdata).indexOf('/Users/johnappleseed')).toEqual(-1);
+      expect(util.removeSensitiveData(testdata).indexOf('<redacted>')).toNotEqual(-1);
+    });
+
+    it ('returns input if empty or not a string', function () {
+      expect(util.removeSensitiveData('')).toBe('');
+      expect(util.removeSensitiveData(1)).toBe(1);
+      expect(util.removeSensitiveData(undefined)).toBe(undefined);
+    });
+  });
+});

src/Util.js

@@ -8,9 +8,9 @@ module.exports = {
     options = options || {};
     return new Promise((resolve, reject) => {
       exec(args, options, (stderr, stdout, code) => {
+        console.log(stderr);
         if (code) {
-          var cmd = Array.isArray(args) ? args.join(' ') : args;
-          reject(new Error(cmd + ' returned non zero exit code\nstdout:' + stdout + '\nstderr:' + stderr));
+          reject(new Error(stderr));
         } else {
           resolve(stdout);
         }
@@ -31,6 +31,14 @@ module.exports = {
     });
     return acc;
   },
+  removeSensitiveData: function (str) {
+    if (!str || str.length === 0 || typeof str !== 'string' ) {
+      return str;
+    }
+    return str.replace(/-----BEGIN CERTIFICATE-----.*-----END CERTIFICATE-----/mg, '<redacted>')
+      .replace(/-----BEGIN RSA PRIVATE KEY-----.*-----END RSA PRIVATE KEY-----/mg, '<redacted>')
+      .replace(/\/Users\/.*\//mg, '<redacted>');
+  },
   resourceDir: function () {
     return process.env.RESOURCES_PATH;
   },

src/WebUtil.js

@@ -35,10 +35,15 @@ var WebUtil = {
       };
 
       bugsnag.beforeNotify = function(payload) {
-        var re = new RegExp(util.home().replace(/\s+/g, '\\s+'), 'g');
-        payload.stacktrace = payload.stacktrace.replace(/%20/g, ' ').replace(re, '<redacted homedir>');
-        payload.context = payload.context.replace(/%20/g, ' ').replace(re, '<redacted homedir>');
-        payload.file = payload.file.replace(/%20/g, ' ').replace(re, '<redacted homedir>');
+        payload.stacktrace = util.removeSensitiveData(payload.stacktrace);
+        payload.context = util.removeSensitiveData(payload.context);
+        payload.file = util.removeSensitiveData(payload.file);
+
+        for(var key in payload.metaData) {
+          payload.metaData[key] = util.removeSensitiveData(payload.metaData[key]);
+        }
+
+        payload.message = '<redacted url>';
         payload.url = '<redacted url>';
       };
     }

styles/setup.less

@@ -59,7 +59,8 @@
           background-color: lighten(@brand-negative, 32%);
           padding: 10px;
           border-radius: 4px;
-          -webkit-user-select: text;
+          max-height: 400px;
+          overflow: auto;
         }
       }
     }