ODIn/spark-instrumented-optimizer
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
spark-instrumented-optimizer/build/spark-build-info
Prashant Sharma 89bf2afb33 [SPARK-34327][BUILD] Strip passwords from inlining into build information while releasing 
### What changes were proposed in this pull request?

Strip passwords from getting inlined into build information, inadvertently.

` https://user:passdomain/foo -> https://domain/foo`

### Why are the changes needed?
This can be a serious security issue, esp. during a release.

### Does this PR introduce _any_ user-facing change?

No.

### How was this patch tested?

Tested by executing the following command on both Mac OSX and Ubuntu.

```
echo url=$(git config --get remote.origin.url |  sed 's|https://\(.*\)\(.*\)|https://\2|')
```

Closes #31436 from ScrapCodes/strip_pass.

Authored-by: Prashant Sharma <prashsh1@in.ibm.com>
Signed-off-by: HyukjinKwon <gurwls223@apache.org>
2021-02-03 15:02:35 +09:00

39 lines
1.5 KiB
Bash
Executable file
Raw Blame History

#!/usr/bin/env bash
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# This script generates the build info for spark and places it into the spark-version-info.properties file.
# Arguments:
# build_tgt_directory - The target directory where properties file would be created. [./core/target/extra-resources]
# spark_version - The current version of spark
RESOURCE_DIR="$1"
mkdir -p "$RESOURCE_DIR"
SPARK_BUILD_INFO="${RESOURCE_DIR}"/spark-version-info.properties
echo_build_properties() {
echo version=$1
echo user=$USER
echo revision=$(git rev-parse HEAD)
echo branch=$(git rev-parse --abbrev-ref HEAD)
echo date=$(date -u +%Y-%m-%dT%H:%M:%SZ)
echo url=$(git config --get remote.origin.url | sed 's|https://\(.*\)@\(.*\)|https://\2|')
}
echo_build_properties $2 > "$SPARK_BUILD_INFO"
Reference in a new issue View git blame Copy permalink