Home Explore Help
Register Sign In
ai
/
OpenHands
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 7071742d4a
Branches Tags
OpenHands
/
tests
/
unit
/
test_logging.py

test_logging.py 4.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129 
  1. import logging
    2. 

  2. from io import StringIO
    3. 

  3. 

  4. import pytest
    5. 

  5. 

  6. from openhands.core.config import AppConfig, LLMConfig
    7. 

  7. from openhands.core.logger import openhands_logger as openhands_logger
    8. 

  8. 

  9. 

  10. @pytest.fixture
    11. 

  11. def test_handler():
    12. 

  12.     stream = StringIO()
    13. 

  13.     handler = logging.StreamHandler(stream)
    14. 

  14.     handler.setLevel(logging.INFO)
    15. 

  15.     formatter = logging.Formatter('%(message)s')
    16. 

  16.     handler.setFormatter(formatter)
    17. 

  17.     openhands_logger.addHandler(handler)
    18. 

  18.     yield openhands_logger, stream
    19. 

  19.     openhands_logger.removeHandler(handler)
    20. 

  20. 

  21. 

  22. def test_openai_api_key_masking(test_handler):
    23. 

  23.     logger, stream = test_handler
    24. 

  24. 

  25.     api_key = 'sk-1234567890abcdef'
    26. 

  26.     message = f"OpenAI API key: api_key='{api_key}'and there's some stuff here"
    27. 

  27.     logger.info(message)
    28. 

  28.     log_output = stream.getvalue()
    29. 

  29.     assert "api_key='******'" in log_output
    30. 

  30.     assert api_key not in log_output
    31. 

  31. 

  32. 

  33. def test_azure_api_key_masking(test_handler):
    34. 

  34.     logger, stream = test_handler
    35. 

  35.     api_key = '1a2b3c4d5e6f7g8h9i0j'
    36. 

  36.     message = f"Azure API key: api_key='{api_key}' and chatty chat with ' and \" and '"
    37. 

  37.     logger.info(message)
    38. 

  38.     log_output = stream.getvalue()
    39. 

  39.     assert "api_key='******'" in log_output
    40. 

  40.     assert api_key not in log_output
    41. 

  41. 

  42. 

  43. def test_google_vertex_api_key_masking(test_handler):
    44. 

  44.     logger, stream = test_handler
    45. 

  45.     api_key = 'AIzaSyA1B2C3D4E5F6G7H8I9J0'
    46. 

  46.     message = f"Google Vertex API key: api_key='{api_key}' or not"
    47. 

  47.     logger.info(message)
    48. 

  48.     log_output = stream.getvalue()
    49. 

  49.     assert "api_key='******'" in log_output
    50. 

  50.     assert api_key not in log_output
    51. 

  51. 

  52. 

  53. def test_anthropic_api_key_masking(test_handler):
    54. 

  54.     logger, stream = test_handler
    55. 

  55.     api_key = 'sk-ant-1234567890abcdef-some-more-stuff-here'
    56. 

  56.     message = f"Anthropic API key: api_key='{api_key}' and there's some 'stuff' here"
    57. 

  57.     logger.info(message)
    58. 

  58.     log_output = stream.getvalue()
    59. 

  59.     assert "api_key='******'" in log_output
    60. 

  60.     assert api_key not in log_output
    61. 

  61. 

  62. 

  63. def test_llm_config_attributes_masking(test_handler):
    64. 

  64.     logger, stream = test_handler
    65. 

  65.     llm_config = LLMConfig(
    66. 

  66.         api_key='sk-abc123',
    67. 

  67.         aws_access_key_id='AKIAIOSFODNN7EXAMPLE',
    68. 

  68.         aws_secret_access_key='wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY',
    69. 

  69.     )
    70. 

  70.     logger.info(f'LLM Config: {llm_config}')
    71. 

  71.     log_output = stream.getvalue()
    72. 

  72.     assert "api_key='******'" in log_output
    73. 

  73.     assert "aws_access_key_id='******'" in log_output
    74. 

  74.     assert "aws_secret_access_key='******'" in log_output
    75. 

  75.     assert 'sk-abc123' not in log_output
    76. 

  76.     assert 'AKIAIOSFODNN7EXAMPLE' not in log_output
    77. 

  77.     assert 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY' not in log_output
    78. 

  78. 

  79. 

  80. def test_app_config_attributes_masking(test_handler):
    81. 

  81.     logger, stream = test_handler
    82. 

  82.     app_config = AppConfig(e2b_api_key='e2b-xyz789')
    83. 

  83.     logger.info(f'App Config: {app_config}')
    84. 

  84.     log_output = stream.getvalue()
    85. 

  85.     assert "e2b_api_key='******'" in log_output
    86. 

  86.     assert 'github_token' not in log_output
    87. 

  87.     assert 'e2b-xyz789' not in log_output
    88. 

  88.     assert 'ghp_abcdefghijklmnopqrstuvwxyz' not in log_output
    89. 

  89. 

  90. 

  91. def test_sensitive_env_vars_masking(test_handler):
    92. 

  92.     logger, stream = test_handler
    93. 

  93.     sensitive_data = {
    94. 

  94.         'API_KEY': 'API_KEY_VALUE',
    95. 

  95.         'AWS_ACCESS_KEY_ID': 'AWS_ACCESS_KEY_ID_VALUE',
    96. 

  96.         'AWS_SECRET_ACCESS_KEY': 'AWS_SECRET_ACCESS_KEY_VALUE',
    97. 

  97.         'E2B_API_KEY': 'E2B_API_KEY_VALUE',
    98. 

  98.         'GITHUB_TOKEN': 'GITHUB_TOKEN_VALUE',
    99. 

  99.         'JWT_SECRET': 'JWT_SECRET_VALUE',
    100. 

  100.     }
    101. 

  101. 

  102.     log_message = ' '.join(
    103. 

  103.         f"{attr}='{value}'" for attr, value in sensitive_data.items()
    104. 

  104.     )
    105. 

  105.     logger.info(log_message)
    106. 

  106. 

  107.     log_output = stream.getvalue()
    108. 

  108.     for attr, value in sensitive_data.items():
    109. 

  109.         assert f"{attr}='******'" in log_output
    110. 

  110.         assert value not in log_output
    111. 

  111. 

  112. 

  113. def test_special_cases_masking(test_handler):
    114. 

  114.     logger, stream = test_handler
    115. 

  115.     sensitive_data = {
    116. 

  116.         'LLM_API_KEY': 'LLM_API_KEY_VALUE',
    117. 

  117.         'SANDBOX_ENV_GITHUB_TOKEN': 'SANDBOX_ENV_GITHUB_TOKEN_VALUE',
    118. 

  118.     }
    119. 

  119. 

  120.     log_message = ' '.join(
    121. 

  121.         f"{attr}={value} with no single quotes' and something"
    122. 

  122.         for attr, value in sensitive_data.items()
    123. 

  123.     )
    124. 

  124.     logger.info(log_message)
    125. 

  125. 

  126.     log_output = stream.getvalue()
    127. 

  127.     for attr, value in sensitive_data.items():
    128. 

  128.         assert f"{attr}='******'" in log_output
    129. 

  129.         assert value not in log_output
    130.