sansguidon/snippets
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add redacted.sh for not leaking secrets when sharing logs

Browse Source
This commit is contained in:
SansGuidon 2025-05-13 13:26:22 +00:00
parent b7af34c0c3
commit 3f4a574e3a
1 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
redacted.sh Normal file
View File

@ -0,0 +1,28 @@
#!/usr/bin/env bash
default_rules=(
's/[0-9]\{1,3\}\(\.[0-9]\{1,3\}\)\{3\}/<REDACTED_IP>/g'
's/\b[a-zA-Z0-9._-]\+\.[a-zA-Z]\{2,\}\b/<REDACTED_DOMAIN>/g'
's/\b[A-Za-z0-9+\/=]\{20,\}\b/<REDACTED_TOKEN>/g'
's/\(password=\)\S\+/\1<REDACTED_PASS>/g'
)
rules=()
while [[ $1 =~ ^s/ ]]; do
rules+=("$1")
shift
done
[[ ${#rules[@]} -eq 0 ]] && rules=("${default_rules[@]}")
sed_expr=()
for r in "${rules[@]}"; do
sed_expr+=( -e "$r" )
done
# If files are passed, process them to stdout.
# If none, read from stdin to stdout.
if [[ $# -gt 0 ]]; then
sed "${sed_expr[@]}" "$@"
else
sed "${sed_expr[@]}"
fi