hide sensitive data in log

cmd/initializer.go

@@ -9,6 +9,7 @@ import (
 	"github.com/mayswind/lab/pkg/datastore"
 	"github.com/mayswind/lab/pkg/log"
 	"github.com/mayswind/lab/pkg/settings"
+	"github.com/mayswind/lab/pkg/utils"
 	"github.com/mayswind/lab/pkg/uuid"
 )
 
@@ -64,8 +65,22 @@ func initializeSystem(c *cli.Context) (*settings.Config, error) {
 		return nil, err
 	}
 
-	cfgJson, _ := json.Marshal(config)
+	cfgJson, _ := json.Marshal(getConfigWithNoSensitiveData(config))
 	log.BootInfof("[initializer.initializeSystem] has loaded configuration %s", cfgJson)
 
 	return config, nil
 }
+
+func getConfigWithNoSensitiveData(config *settings.Config) *settings.Config {
+	clonedConfig := &settings.Config{}
+	err := utils.Clone(config, clonedConfig)
+
+	if err != nil {
+		return config
+	}
+
+	clonedConfig.DatabaseConfig.DatabasePassword = "****"
+	clonedConfig.SecretKey = "****"
+
+	return clonedConfig
+}

pkg/utils/object.go

@@ -0,0 +1,22 @@
+package utils
+
+import (
+	"bytes"
+	"encoding/gob"
+)
+
+func Clone(src, dst interface{}) error {
+	var buf bytes.Buffer
+
+	if err := gob.NewEncoder(&buf).Encode(src); err != nil {
+		return err
+	}
+
+	err := gob.NewDecoder(bytes.NewBuffer(buf.Bytes())).Decode(dst)
+
+	if err != nil {
+		return err
+	}
+
+	return nil
+}