Project

General

Profile

Actions

Feature #11176

open

Foreman should have a mechanism for stripping sensitive information out of the database for debugging and reporting purposes

Added by Martin Jackson over 8 years ago. Updated over 8 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Database
Target version:
-
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

There should be a way to programmatically remove sensitive/identifying information from the foreman database, but still allow it to be used to model, for example, unfortunate query behaviors (such as N+1 queries), etc.

We have developed a process for doing this, which involves a script and a second machine. The process is destructive to the database, so we wouldn't want to run this script on the production instance.

The outline of the process is as follows:

• Export a database snapshot
• Load the snapshot on a “safe” test machine
• Change the production access restrictions (i.e. change the database password for the foreman user in the DB)
• Perform the following data transformations:
o Delete authentication sources that are not internal (i.e. LDAP integrations)
o Set the admin user password to “changeme”
o Delete all non-admin users
o Obfuscate all non-smartclass parameters to the string “Overridden”
o Set all Foreman global settings to their defaults
o Change all parameter overrides to obfuscated strings that are syntactically legal but not useful.
o Purge all user sessions
o Purge all audit records

What the database still does have is all of our regular hostnames, fact, and report data.

I’ve validated that the resulting database can be used with a standalone application instance, and can be used (for example) to explore expensive database queries, fact queries, etc.


Files

sanitize_foreman.py sanitize_foreman.py 777 Bytes Python3 script to programmatically execute SQL statements (built to run against rh-python34 SCL) Martin Jackson, 07/21/2015 10:46 AM
sanitize_foreman.json sanitize_foreman.json 2.16 KB JSON file containing SQL statements to run, in sequence, to "sanitize" foreman database Martin Jackson, 07/21/2015 10:47 AM
Actions #1

Updated by Dominic Cleal over 8 years ago

  • Category set to Database
Actions #2

Updated by Ohad Levy over 8 years ago

I could think of a few more:

  • audits
  • compute resources
  • report content? (e.g. diff)
Actions

Also available in: Atom PDF