Automatically filter out secrets (#1182)

I'd like to extend the regex list here very soon, but start off by automatically filtering out secrets. Do not store them in history! I've included regex for: 1. AWS key id 2. Github pat (old and new) 3. Slack oauth tokens (bot, user) 4. Slack webhooks 5. Stripe live/test keys Will need updating after #806
author: Ellie Huxtable <ellie@elliehuxtable.com> 2023-08-19 12:28:39 +0100
committer: GitHub <noreply@github.com> 2023-08-19 12:28:39 +0100
commit: 73bd8015c3ba50ceb5168a8b67bb1ac5d3b48dc1 (patch)
tree: 0fe6dbe55a7dda6bd93a72fbfcb29e6f3993e95c /atuin-client/src/settings.rs
parent: Update dependencies (#1181) (diff)
download: atuin-73bd8015c3ba50ceb5168a8b67bb1ac5d3b48dc1.zip
1 files changed, 42 insertions, 21 deletions
diff --git a/atuin-client/src/settings.rs b/atuin-client/src/settings.rs
index 67050792..c68be0d5 100644
--- a/atuin-client/src/settings.rs
+++ b/atuin-client/src/settings.rs
@@ -7,7 +7,9 @@ use std::{
 use atuin_common::record::HostId;
 use chrono::{prelude::*, Utc};
 use clap::ValueEnum;
-use config::{Config, Environment, File as ConfigFile, FileFormat};
+use config::{
+    builder::DefaultState, Config, ConfigBuilder, Environment, File as ConfigFile, FileFormat,
+};
 use eyre::{eyre, Context, Result};
 use fs_err::{create_dir_all, File};
 use parse_duration::parse;
@@ -168,6 +170,7 @@ pub struct Settings {
     pub history_filter: RegexSet,
     #[serde(with = "serde_regex", default = "RegexSet::empty")]
     pub cwd_filter: RegexSet,
+    pub secrets_filter: bool,
     pub workspaces: bool,
     pub ctrl_n_shortcuts: bool,
 
@@ -330,32 +333,15 @@ impl Settings {
         None
     }
 
-    pub fn new() -> Result<Self> {
-        let config_dir = atuin_common::utils::config_dir();
-
+    pub fn builder() -> Result<ConfigBuilder<DefaultState>> {
         let data_dir = atuin_common::utils::data_dir();
-
-        create_dir_all(&config_dir)
-            .wrap_err_with(|| format!("could not create dir {config_dir:?}"))?;
-        create_dir_all(&data_dir).wrap_err_with(|| format!("could not create dir {data_dir:?}"))?;
-
-        let mut config_file = if let Ok(p) = std::env::var("ATUIN_CONFIG_DIR") {
-            PathBuf::from(p)
-        } else {
-            let mut config_file = PathBuf::new();
-            config_file.push(config_dir);
-            config_file
-        };
-
-        config_file.push("config.toml");
-
         let db_path = data_dir.join("history.db");
         let record_store_path = data_dir.join("records.db");
 
         let key_path = data_dir.join("key");
         let session_path = data_dir.join("session");
 
-        let mut config_builder = Config::builder()
+        Ok(Config::builder()
             .set_default("db_path", db_path.to_str())?
             .set_default("record_store_path", record_store_path.to_str())?
             .set_default("key_path", key_path.to_str())?
@@ -384,11 +370,33 @@ impl Settings {
             .set_default("session_token", "")?
             .set_default("workspaces", false)?
             .set_default("ctrl_n_shortcuts", false)?
+            .set_default("secrets_filter", true)?
             .add_source(
                 Environment::with_prefix("atuin")
                     .prefix_separator("_")
                     .separator("__"),
-            );
+            ))
+    }
+
+    pub fn new() -> Result<Self> {
+        let config_dir = atuin_common::utils::config_dir();
+        let data_dir = atuin_common::utils::data_dir();
+
+        create_dir_all(&config_dir)
+            .wrap_err_with(|| format!("could not create dir {config_dir:?}"))?;
+        create_dir_all(&data_dir).wrap_err_with(|| format!("could not create dir {data_dir:?}"))?;
+
+        let mut config_file = if let Ok(p) = std::env::var("ATUIN_CONFIG_DIR") {
+            PathBuf::from(p)
+        } else {
+            let mut config_file = PathBuf::new();
+            config_file.push(config_dir);
+            config_file
+        };
+
+        config_file.push("config.toml");
+
+        let mut config_builder = Self::builder()?;
 
         config_builder = if config_file.exists() {
             config_builder.add_source(ConfigFile::new(
@@ -433,3 +441,16 @@ impl Settings {
         Ok(settings)
     }
 }
+
+impl Default for Settings {
+    fn default() -> Self {
+        // if this panics something is very wrong, as the default config
+        // does not build or deserialize into the settings struct
+        Self::builder()
+            .expect("Could not build default")
+            .build()
+            .expect("Could not build config")
+            .try_deserialize()
+            .expect("Could not deserialize config")
+    }
+}
author	Ellie Huxtable <ellie@elliehuxtable.com>	2023-08-19 12:28:39 +0100
committer	GitHub <noreply@github.com>	2023-08-19 12:28:39 +0100
commit	73bd8015c3ba50ceb5168a8b67bb1ac5d3b48dc1 (patch)
tree	0fe6dbe55a7dda6bd93a72fbfcb29e6f3993e95c /atuin-client/src/settings.rs
parent	Update dependencies (#1181) (diff)
download	atuin-73bd8015c3ba50ceb5168a8b67bb1ac5d3b48dc1.zip