Add encrypted debug output for RunBuildWithMasking failures

Arran Walker requested to merge ajwalker/debug-masking into main

What does this MR do?

Logs the raw and unmasked/unfiltered build output from the RunBuildWithMasking integration tests on failure so that they can be replayed.

The log is encrypted with a key that will be stored in 1password.

Why was this MR needed?

We currently have a bug introduced by the URL Scrubbing MR that cannot be reproduced locally, nor in the numerous unit tests, but does fail occasionally for the RunBuildWithMasking integration test for the bash shell.

We need to know exactly what buffer of data is being passed to calls to Write(), to replay the same scenario for local debugging.

Unfortunately, the build variables used as part of the test also include the system's environment variables. Because we want to output the raw unfiltered log, this poses a slight security issue. Due to this, we also encrypt the raw log.

This code can be later reverted after we've diagnosed the issue. However, at the same time, diagnosing future issues like this is different as debugging using the filtered output alone can be influenced by the Runner used to execute the test, so it could be worth keeping.

What's the best way to test this MR?

I've added a ReplayLoggedTrace, which is a convenience function to be called using some additional setup to replay the log given the base64 encoded and encrypted output from a failed test.

  1. Modify RunBuildWithMasking so that it fails.
  2. Grab the base64 encoded output on the failure.
  3. Use the convenience function to set up a replay for further debugging:
    func TestReplayLoggedTrace(t *testing.T) {
    	ReplayLoggedTrace(t, "rsa-2048-private-key.p8", `base64 encoded data`)
    }

What are the relevant issue numbers?

#27956 (closed)
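
The description above does not show how the raw log is encrypted. The following is an added illustration, not code from this MR: one way to make unfiltered test output safe to print in a job log is to seal it with a one-time AES-256-GCM key wrapped by an RSA-2048 public key and base64-encode the result, so only the private-key holder can replay it. The names `Seal`, `Open` and `demoKey`, and the choice of RSA-OAEP with AES-GCM, are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
)

func Seal(pub *rsa.PublicKey, raw []byte) (string, error) {
	buf := make([]byte, 32+12) // one-time AES-256 key followed by a GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return "", err
	}
	key, nonce := buf[:32], buf[32:]
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	if err != nil {
		return "", err
	}
	block, _ := aes.NewCipher(key) // cannot fail: key is always 32 bytes
	gcm, _ := cipher.NewGCM(block)
	sealed := gcm.Seal(append(wrapped, nonce...), nonce, raw, nil) // wrapped key || nonce || ciphertext+tag
	return base64.StdEncoding.EncodeToString(sealed), nil
}

func Open(priv *rsa.PrivateKey, encoded string) ([]byte, error) {
	blob, err := base64.StdEncoding.DecodeString(encoded)
	k := priv.Size() // wrapped-key length: 256 bytes for RSA-2048
	if err != nil || len(blob) < k+12 {
		return nil, fmt.Errorf("sealed log malformed or truncated")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), nil, priv, blob[:k], nil)
	if err != nil || len(key) != 32 {
		return nil, fmt.Errorf("cannot unwrap log key: %v", err)
	}
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, blob[k:k+12], blob[k+12:], nil) // fails if the blob was altered
}

var demoKey, _ = rsa.GenerateKey(rand.Reader, 2048) // constructed throwaway key, never a real one

func main() {
	enc, _ := Seal(&demoKey.PublicKey, []byte("CI_TOKEN=constructed-sample\n"))
	dec, err := Open(demoKey, enc)
	fmt.Printf("%d base64 chars -> %q, err=%v\n", len(enc), dec, err)
}
```

Only the public key needs to be available to the test job; the private key stays outside CI.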