Skip to content

Improved metadata binding parsing and validation. #11101

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 12 commits into from
Jul 15, 2025
Merged

Conversation

kshyju
Copy link
Member

@kshyju kshyju commented May 31, 2025

Improving how metadata binding is being read and used. Handles both worker indexing and host indexing cases.

Pull request checklist

IMPORTANT: Currently, changes must be backported to the in-proc branch to be included in Core Tools and non-Flex deployments.

  • Backporting to the in-proc branch is not required
    • Otherwise: Link to backporting PR
  • My changes do not require documentation changes
    • Otherwise: Documentation issue linked to PR
  • My changes should not be added to the release notes for the next release
    • Otherwise: I've added my notes to release_notes.md
  • My changes do not need to be backported to a previous version
    • Otherwise: Backport tracked by issue/PR #issue_or_pr - will follow
  • My changes do not require diagnostic events changes
    • Otherwise: I have added/updated all related diagnostic events and their documentation (Documentation issue linked to PR)
  • I have added all required tests (Unit tests, E2E tests)

@kshyju kshyju requested a review from a team as a code owner May 31, 2025 00:44
@kshyju
Copy link
Member Author

kshyju commented Jun 30, 2025

Had offline sync with @surgupta-msft and agreed to mask only the "connection" binding value.

@kshyju kshyju requested a review from surgupta-msft July 1, 2025 00:28
@kshyju kshyju force-pushed the shkr/placeholder_start branch from ed60f35 to c0129c5 Compare July 1, 2025 00:44
@kshyju kshyju force-pushed the shkr/placeholder_start branch from b317aee to dff555b Compare July 1, 2025 14:59
@kshyju kshyju force-pushed the shkr/placeholder_start branch from 9be495d to 3377dd6 Compare July 3, 2025 22:40
@kshyju kshyju requested a review from Copilot July 7, 2025 16:28
Copilot

This comment was marked as outdated.

@kshyju kshyju requested a review from Copilot July 7, 2025 20:57
Copilot

This comment was marked as outdated.

@kshyju kshyju requested a review from RohitRanjanMS July 14, 2025 18:11
@kshyju kshyju requested review from surgupta-msft and Copilot July 14, 2025 18:12
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR improves metadata binding parsing and validation by implementing sanitization of sensitive data (specifically connection strings) in function metadata bindings. The changes handle both worker indexing and host indexing scenarios to prevent exposure of sensitive credentials in logs or error messages.

  • Introduces a new MetadataJsonHelper class with methods to sanitize sensitive properties in JSON objects
  • Updates both WorkerFunctionMetadataProvider and HostFunctionMetadataProvider to use the sanitization logic
  • Adds comprehensive test coverage for the new sanitization functionality

Reviewed Changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
src/WebJobs.Script/Host/MetadataJsonHelper.cs New helper class providing JSON sanitization methods for sensitive metadata properties
src/WebJobs.Script/ScriptConstants.cs Adds constant defining sensitive binding property names (connection)
src/WebJobs.Script/Host/WorkerFunctionMetadataProvider.cs Updates binding validation to use sanitization and removes unused serializer settings
src/WebJobs.Script/Host/HostFunctionMetadataProvider.cs Integrates sanitization into metadata parsing for host functions
src/WebJobs.Script.WebHost/Extensions/FunctionMetadataExtensions.cs Adds sanitization when reading function configuration from files
test/WebJobs.Script.Tests/MetadataJsonHelperTests.cs Comprehensive test suite for the new sanitization functionality
test/WebJobs.Script.Tests/WorkerFunctionMetadataProviderTests.cs Test ensuring worker provider masks sensitive data correctly
test/WebJobs.Script.Tests/HostFunctionMetadataProviderTests.cs Test ensuring host provider masks sensitive data correctly
release_notes.md Documents the metadata binding validation improvement

@kshyju kshyju merged commit a20b307 into dev Jul 15, 2025
9 checks passed
@kshyju kshyju deleted the shkr/placeholder_start branch July 15, 2025 15:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants