From 3f4a574e3a0a1cca2ce7f698c6c0fe986bdac333 Mon Sep 17 00:00:00 2001
From: SansGuidon <sansguidon@noreply.gitea.zoemp.be>
Date: Tue, 13 May 2025 13:26:22 +0000
Subject: [PATCH] add redacted.sh for not leaking secrets when sharing logs

---
 redacted.sh | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 redacted.sh

diff --git a/redacted.sh b/redacted.sh
new file mode 100644
index 0000000..964439b
--- /dev/null
+++ b/redacted.sh
@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+
+default_rules=(
+  's/[0-9]\{1,3\}\(\.[0-9]\{1,3\}\)\{3\}/<REDACTED_IP>/g'
+  's/\b[a-zA-Z0-9._-]\+\.[a-zA-Z]\{2,\}\b/<REDACTED_DOMAIN>/g'
+  's/\b[A-Za-z0-9+\/=]\{20,\}\b/<REDACTED_TOKEN>/g'
+  's/\(password=\)\S\+/\1<REDACTED_PASS>/g'
+)
+
+rules=()
+while [[ $1 =~ ^s/ ]]; do
+  rules+=("$1")
+  shift
+done
+[[ ${#rules[@]} -eq 0 ]] && rules=("${default_rules[@]}")
+
+sed_expr=()
+for r in "${rules[@]}"; do
+  sed_expr+=( -e "$r" )
+done
+
+# If files are passed, process them to stdout.
+# If none, read from stdin to stdout.
+if [[ $# -gt 0 ]]; then
+  sed "${sed_expr[@]}" "$@"
+else
+  sed "${sed_expr[@]}"
+fi