Merge pull request #45 from silinternational/feature/filtersenstives

Filter sensitive values from Sentry events

Author: Praveenraj-K

application/backup.sh

@@ -41,12 +41,26 @@ function get_server_cert() {
     fi
 }
 
+# Function to remove sensitive values from sentry Event
+filter_sensitive_values() {
+    local msg="$1"
+    for var in AWS_ACCESS_KEY AWS_SECRET_KEY B2_APPLICATION_KEY B2_APPLICATION_KEY_ID MYSQL_PASSWORD; do
+        val="${!var}"
+        if [ -n "$val" ]; then
+            msg="${msg//$val/[FILTERED]}"
+        fi
+    done
+    echo "$msg"
+}
+
 # Sentry reporting with validation and backwards compatibility
 error_to_sentry() {
     local error_message="$1"
     local db_name="$2"
     local status_code="$3"
 
+    error_message=$(filter_sensitive_values "$error_message")
+
     # Check if SENTRY_DSN is configured - ensures backup continues
     if [ -z "${SENTRY_DSN:-}" ]; then
         log "DEBUG" "Sentry logging skipped - SENTRY_DSN not configured"

application/restore.sh

@@ -16,12 +16,26 @@ function get_server_cert() {
     fi
 }
 
+# Function to remove sensitive values from sentry Event
+filter_sensitive_values() {
+    local msg="$1"
+    for var in AWS_ACCESS_KEY AWS_SECRET_KEY B2_APPLICATION_KEY B2_APPLICATION_KEY_ID MYSQL_PASSWORD; do
+        val="${!var}"
+        if [ -n "$val" ]; then
+            msg="${msg//$val/[FILTERED]}"
+        fi
+    done
+    echo "$msg"
+}
+
 # Sentry reporting with validation and backwards compatibility
 error_to_sentry() {
     local error_message="$1"
     local db_name="$2"
     local status_code="$3"
 
+    error_message=$(filter_sensitive_values "$error_message")
+
     # Check if SENTRY_DSN is configured - ensures restore continues
     if [ -z "${SENTRY_DSN:-}" ]; then
         log "DEBUG" "Sentry logging skipped - SENTRY_DSN not configured"