Toutsu/GmRelayBot
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases 15 Wiki Activity

fix: redact bot secrets in startup logs
Deploy Telegram Bot / build-and-push (push) Successful in 4m24s
Details
Deploy Telegram Bot / deploy (push) Successful in 21s
Details

Browse Source
This commit is contained in:
Toutsu
2026-04-23 20:28:52 +03:00
parent 1c4cfb71c0
commit 9e7a202f42
3 changed files with 86 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/GmRelay.Bot.Tests/Infrastructure/Logging/SecretRedactorTests.cs
+31
View File
@@ -0,0 +1,31 @@
using GmRelay.Bot.Infrastructure.Logging;
namespace GmRelay.Bot.Tests.Infrastructure.Logging;
public sealed class SecretRedactorTests
{
[Fact]
public void RedactConnectionString_ShouldMaskDatabasePassword()
{
var result = SecretRedactor.RedactConnectionString(
"Host=localhost;Port=5432;Database=gmrelay;Username=gmrelay;Password=super-secret");
Assert.Contains("Password=***", result);
Assert.DoesNotContain("super-secret", result);
Assert.Contains("Host=localhost", result);
}
[Fact]
public void RedactText_ShouldMaskKnownSecretKeys()
{
var result = SecretRedactor.RedactText(
"Password=super-secret Token=telegram-token apiKey=service-key");
Assert.DoesNotContain("super-secret", result);
Assert.DoesNotContain("telegram-token", result);
Assert.DoesNotContain("service-key", result);
Assert.Contains("Password=***", result);
Assert.Contains("Token=***", result);
Assert.Contains("apiKey=***", result);
}
}