Skip to content

fix: Redact sensitive data from OTEL traces and fix env var parsing #1553

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

fix: Redact sensitive data from OTEL traces and fix env var parsing #1553

wants to merge 4 commits into from

Conversation

rajeevpodar
Copy link

@rajeevpodar rajeevpodar commented Sep 24, 2025
edited
Loading

fix: Redact sensitive data from OTEL traces and fix env var parsing

Summary

This PR addresses two key improvements:

  1. Redaction of Sensitive Data in OTEL Traces:

    • Ensures that sensitive information (such as authentication tokens, secret values, etc.) is not captured or exposed in OpenTelemetry traces.
    • Applies systematic filtering and redaction to both HTTP request and response data included in trace spans.

  2. Robust Environment Variable Parsing:

    • Fixes and simplifies the logic for parsing environment variables to avoid misconfigurations and potential runtime errors.

Details

  • The implementation closely follows the OpenTelemetry HTTP semantic conventions, ensuring that all HTTP spans generated by the library are compliant.
  • All relevant HTTP attributes in traces are set according to the specification, while omitting or redacting values that are considered sensitive.
  • Includes tests and documentation updates to reflect the improved behavior.

Motivation

  • Security: Preventing leakage of sensitive information via telemetry is essential for compliance and user trust.
  • Standardization: Aligning with OpenTelemetry semantic conventions improves interoperability with observability tools and makes traces easier to understand and analyze.

Related Links

Please let me know if further changes or clarifications are needed.

@product-auto-label product-auto-label bot added size: m Pull request size is medium. api: storage Issues related to the googleapis/python-storage API. labels Sep 24, 2025
@chandra-siri chandra-siri self-assigned this Sep 24, 2025
@rajeevpodar rajeevpodar force-pushed the fix_hide_sensitive_query_keys branch from 7c4be24 to 91f04b2 Compare September 25, 2025 04:36
@rajeevpodar rajeevpodar marked this pull request as ready for review September 25, 2025 04:48
@rajeevpodar rajeevpodar requested review from a team as code owners September 25, 2025 04:48
@chandra-siri chandra-siri added the owlbot:run Add this label to trigger the Owlbot post processor. label Sep 25, 2025
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Sep 25, 2025
chandra-siri
chandra-siri requested changes Sep 25, 2025
View reviewed changes
google/cloud/storage/_opentelemetry_tracing.py
val = os.environ.get(name, None)
if val is None:
return default
return str(val).strip().lower() in {"1", "true", "yes", "on"}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: coercing to str is not required. Just val.strip().lower() should work fine because output from os.environ.get is always str or None. If None, it's caught in line35 and default is returned.

tests/unit/test__opentelemetry_tracing.py
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to add one more unit test . It should test that tracing are disabled when a user sets ENABLE_GCS_PYTHON_CLIENT_OTEL_TRACES to False (or any value other than {1, true, on, yes} )

ie negative unit test of test_enable_trace_yield_span

google/cloud/storage/_opentelemetry_tracing.py
full_url = client._connection.build_api_url(request.get("path"))
attr.update(_get_opentelemetry_attributes_from_url(full_url, strip_query=True))
if "timeout" in request:
attr["connect_timeout,read_timeout"] = str(request.get("timeout"))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

there's no need to change timeout section of the code and convert into str()

tests/unit/test__opentelemetry_tracing.py
"server.address": "testOtel.org",
"url.path": "/foo/bar/baz",
"url.scheme": "https",
"connect_timeout,read_timeout": str((100, 100)),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if we don't change timeout param in the production file, we need not change the same here in test file.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chandra-siri chandra-siri chandra-siri requested changes

Requested changes must be addressed to merge this pull request.

Assignees

@chandra-siri chandra-siri

Labels
api: storage Issues related to the googleapis/python-storage API. size: m Pull request size is medium.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rajeevpodar @chandra-siri