From 760a87fe064494ba12d01daadf1e15e2d4490384 Mon Sep 17 00:00:00 2001
From: David Heinemeier Hansson
Date: Sun, 15 Jan 2023 13:15:14 +0100
Subject: [PATCH] Redact build args (since they are often tokens)
---
 lib/mrsk/commands/app.rb | 4 ++--
 lib/mrsk/commands/base.rb | 5 -----
 lib/mrsk/commands/builder/base.rb | 2 +-
 lib/mrsk/configuration.rb | 5 +++--
 4 files changed, 6 insertions(+), 10 deletions(-)
diff --git a/lib/mrsk/commands/app.rb b/lib/mrsk/commands/app.rb
index 42245ddd..f74c7a0b 100644
--- a/lib/mrsk/commands/app.rb
+++ b/lib/mrsk/commands/app.rb
@@ -8,7 +8,7 @@ class Mrsk::Commands::App < Mrsk::Commands::Base
 "-d",
 "--restart unless-stopped",
 "--name", config.service_with_version,
- "-e", redact("RAILS_MASTER_KEY=#{config.master_key}"),
+ "-e", Mrsk::Utils.redact("RAILS_MASTER_KEY=#{config.master_key}"),
 *config.env_args,
 *role.label_args,
 config.absolute_image,
@@ -34,7 +34,7 @@ class Mrsk::Commands::App < Mrsk::Commands::Base
 def exec(*command, interactive: false)
 docker :exec,
 ("-it" if interactive),
- "-e", redact("RAILS_MASTER_KEY=#{config.master_key}"),
+ "-e", Mrsk::Utils.redact("RAILS_MASTER_KEY=#{config.master_key}"),
 *config.env_args,
 config.service_with_version,
 *command
diff --git a/lib/mrsk/commands/base.rb b/lib/mrsk/commands/base.rb
index f9404368..36ad82ea 100644
--- a/lib/mrsk/commands/base.rb
+++ b/lib/mrsk/commands/base.rb
@@ -18,10 +18,5 @@ module Mrsk::Commands
 def docker(*args)
 args.compact.unshift :docker
 end
-
- # Copied from SSHKit::Backend::Abstract#redact to be available inside Commands classes
- def redact(arg) # Used in execute_command to hide redact() args a user passes in
- arg.to_s.extend(SSHKit::Redaction) # to_s due to our inability to extend Integer, etc
- end
 end
 end
diff --git a/lib/mrsk/commands/builder/base.rb b/lib/mrsk/commands/builder/base.rb
index 172d434b..54446dec 100644
--- a/lib/mrsk/commands/builder/base.rb
+++ b/lib/mrsk/commands/builder/base.rb
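Review bot: Wrapping `RAILS_MASTER_KEY=...` in `Mrsk::Utils.redact` in lib/mrsk/commands/app.rb hides the key only from logged command output, as far as the comment on the helper removed from base.rb describes it. The value is still passed as a `-e` argument on the docker command line, so it can remain readable on the host through the process list and in the container's configuration (`docker inspect`). The same applies to the second hunk in `exec`. Consider supplying the key through an env file with restricted permissions (`--env-file`), or at least state the limit next to the call: `# redact hides this from logs only; the key is still on the command line`. The `docker :run` call starts above the first hunk and `exec` ends below the second, so this is judged from the visible arguments only.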
@@ -8,7 +8,7 @@ class Mrsk::Commands::Builder::Base < Mrsk::Commands::Base
 end
 def build_args
- argumentize "--build-arg", args
+ argumentize "--build-arg", args, redacted: true
 end
 private
diff --git a/lib/mrsk/configuration.rb b/lib/mrsk/configuration.rb
index 5f920d97..0920d276 100644
--- a/lib/mrsk/configuration.rb
+++ b/lib/mrsk/configuration.rb
@@ -3,6 +3,7 @@ require "active_support/core_ext/string/inquiry"
 require "active_support/core_ext/module/delegation"
 require "pathname"
 require "erb"
+require "mrsk/utils"
 class Mrsk::Configuration
 delegate :service, :image, :servers, :env, :labels, :registry, :builder, to: :config, allow_nil: true
@@ -16,8 +17,8 @@ class Mrsk::Configuration
 end
 end
- def argumentize(argument, attributes)
- attributes.flat_map { |k, v| [ argument, "#{k}=#{v}" ] }
+ def argumentize(argument, attributes, redacted: false)
+ attributes.flat_map { |k, v| [ argument, redacted ? Mrsk::Utils.redact("#{k}=#{v}") : "#{k}=#{v}" ] }
 end
 end
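Review bot: In `build_args` (lib/mrsk/commands/builder/base.rb), `redacted: true` keeps token values out of the command log, but values passed with `--build-arg` can still be recorded in the image's build history and read by anyone who can pull the image. If these args really are tokens, as the commit subject says, a BuildKit secret mount (`--secret`) is the safer channel for them. Otherwise document the limit on the method: `# Redacted in logs only; --build-arg values can remain visible in image history`.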
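Review bot: `require "mrsk/utils"` is added only in lib/mrsk/configuration.rb, while lib/mrsk/commands/app.rb now calls `Mrsk::Utils.redact` directly and shows no matching require in its hunks. Unless the command files are always loaded after the configuration or through an autoloader (not visible here), loading `Mrsk::Commands::App` on its own would raise `NameError`. Adding `require "mrsk/utils"` to lib/mrsk/commands/base.rb would make the dependency explicit where it is used.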
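Review bot: Nothing visible in this commit pins the new `redacted:` path in `argumentize`: the diffstat lists four files under lib/ and no test, so a later refactor could silently put build-arg tokens back into the logs. Judging by the `redact` helper removed from base.rb, the marker is a module extended onto a single String object, so it is presumably lost as soon as the value is interpolated or concatenated into a new string. A test asserting that each `k=v` element returned with `redacted: true` still carries the redaction would guard against that. The ternary also builds `"#{k}=#{v}"` twice; `pair = "#{k}=#{v}"` followed by `[ argument, redacted ? Mrsk::Utils.redact(pair) : pair ]` reads more easily.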