Skip to content

doc: Update logback-test.xml example to show how to enable DEBUG only for Testcontainers #5976

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Oct 5, 2022
Merged

doc: Update logback-test.xml example to show how to enable DEBUG only for Testcontainers #5976

merged 3 commits into from
Oct 5, 2022

Conversation

@edysli
Copy link
Contributor

@edysli edysli commented Oct 4, 2022

Update the recommended logging configuration to reduce the risk of people enabling DEBUG level on the root logger, thereby potentially exposing secrets in HTTP traffic, and being swamped by log data. The example logback-test.xml now disables Apache HTTP client wire logging and shows how to enable debug logging only for Testcontainers.

Fixes #4913

@edysli edysli requested a review from a team October 4, 2022 22:16
@edysli
Copy link
Contributor Author

edysli commented Oct 4, 2022

There are other instances of logback-test.xml in docs/examples/. @rnorth should these be updated as well?

@kiview
Copy link
Member

kiview commented Oct 5, 2022

Thanks for the PR @edysli. The other instances are what is the effective configuration when developing testcontainers-java, I don't think we necessarily need to touch those.

kiview
kiview requested changes Oct 5, 2022
View reviewed changes
edysli and others added 3 commits October 5, 2022 21:24
@edysli
Recommend disabling Apache HTTP client wire logging
91f0ec7 
Apache HTTP client's wire logger produces a large amount of log data,
which can include secrets. Therefore recommend turning it off, so that
it won't become enabled in case the root logger's level is increased
to DEBUG.

Fixes testcontainers#4913
@edysli
Recommend enabling debug logging only for org.testcontainers
8d0efd6 
Add an example showing how to enable debug logging only for the
`org.testcontainers` package. Recommend against enabling debug level
on the root logger in order to not be swamped by log data.

Fixes testcontainers#4913
@edysli @kiview
Use shaded org.apache.hc
5958778 
Co-authored-by: Kevin Wittek <[email protected]>
@edysli
Copy link
Contributor Author

edysli commented Oct 5, 2022

The CircleCI action failed with:

Exception in thread "main" java.io.IOException: Downloading from https://services.gradle.org/distributions/gradle-7.5.1-all.zip failed: timeout
[...]
Caused by: java.net.SocketTimeoutException: Connect timed out

:(
Is there a way to rerun that action?

@edysli edysli requested a review from kiview October 5, 2022 19:32
@eddumelendez eddumelendez added this to the next milestone Oct 5, 2022
@eddumelendez eddumelendez merged commit 478b049 into testcontainers:main Oct 5, 2022
@eddumelendez
Copy link
Member

eddumelendez commented Oct 5, 2022

thanks for your contribution @edysli ! This is now merged in main branch

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kiview kiview Awaiting requested review from kiview

Assignees

No one assigned

Labels

type/docs

Projects

None yet

Milestone

1.17.6

Development

Successfully merging this pull request may close these issues.

Update documentation with recommended logback config to avoid risk of DEBUG level logs exposing user credentials

3 participants

@edysli @kiview @eddumelendez