SONAR-7533 Hide sonar.login property in analysis.log sent in the scanner report

author Julien HENRY <julien.henry@sonarsource.com>

Mon, 11 Apr 2016 08:10:41 +0000 (10:10 +0200)

committer Julien HENRY <julien.henry@sonarsource.com>

Mon, 11 Apr 2016 15:03:32 +0000 (17:03 +0200)
author Julien HENRY <julien.henry@sonarsource.com>
Mon, 11 Apr 2016 08:10:41 +0000 (10:10 +0200)
committer Julien HENRY <julien.henry@sonarsource.com>
Mon, 11 Apr 2016 15:03:32 +0000 (17:03 +0200)
diff --git a/sonar-scanner-engine/src/main/java/org/sonar/batch/report/AnalysisContextReportPublisher.java b/sonar-scanner-engine/src/main/java/org/sonar/batch/report/AnalysisContextReportPublisher.java

index e76d215eb0b30585b2edabea58677b1bc843e7a4..d294f55db65c3550b173c83e5c686702f7b2ca40 100644 (file)
--- a/sonar-scanner-engine/src/main/java/org/sonar/batch/report/AnalysisContextReportPublisher.java
+++ b/sonar-scanner-engine/src/main/java/org/sonar/batch/report/AnalysisContextReportPublisher.java
@@ -29,6 +29,7 @@ import java.util.HashMap;
  import java.util.Map;
  import java.util.Properties;
  import java.util.TreeSet;
+import org.sonar.api.CoreProperties;
  import org.sonar.api.batch.AnalysisMode;
  import org.sonar.api.batch.BatchSide;
  import org.sonar.api.batch.bootstrap.ProjectDefinition;
@@ -174,6 +175,6 @@ public class AnalysisContextReportPublisher {
    }
  
    private static boolean sensitive(String key) {
-    return key.contains(".password") || key.contains(".secured");
+    return key.equals(CoreProperties.LOGIN) || key.contains(".password") || key.contains(".secured");
    }
  }
diff --git a/sonar-scanner-engine/src/test/java/org/sonar/batch/report/AnalysisContextReportPublisherTest.java b/sonar-scanner-engine/src/test/java/org/sonar/batch/report/AnalysisContextReportPublisherTest.java

index 9d82457263c31e31020b0b9e235eb6fac63f74a6..82e3346ca60a5765f35fe416d0838c2e85a643bd 100644 (file)
--- a/sonar-scanner-engine/src/test/java/org/sonar/batch/report/AnalysisContextReportPublisherTest.java
+++ b/sonar-scanner-engine/src/test/java/org/sonar/batch/report/AnalysisContextReportPublisherTest.java
@@ -190,11 +190,13 @@ public class AnalysisContextReportPublisherTest {
      publisher.dumpModuleSettings(ProjectDefinition.create()
        .setProperty("sonar.projectKey", "foo")
        .setProperty("sonar.projectKey", "foo")
+      .setProperty("sonar.login", "my_token")
        .setProperty("sonar.password", "azerty")
        .setProperty("sonar.cpp.license.secured", "AZERTY"));
  
      assertThat(FileUtils.readFileToString(writer.getFileStructure().analysisLog())).containsSequence(
        "sonar.cpp.license.secured=******",
+      "sonar.login=******",
        "sonar.password=******",
        "sonar.projectKey=foo");
    }
author	Julien HENRY <julien.henry@sonarsource.com>
	Mon, 11 Apr 2016 08:10:41 +0000 (10:10 +0200)
committer	Julien HENRY <julien.henry@sonarsource.com>
	Mon, 11 Apr 2016 15:03:32 +0000 (17:03 +0200)
sonar-scanner-engine/src/main/java/org/sonar/batch/report/AnalysisContextReportPublisher.java		patch \| blob \| history
sonar-scanner-engine/src/test/java/org/sonar/batch/report/AnalysisContextReportPublisherTest.java		patch \| blob \| history