cleanse secrets from iscsi command logging

Signed-off-by: Travis Glenn Hansen <travisghansen@yahoo.com>

src/driver/freenas/api.js

@@ -377,7 +377,10 @@ class FreeNASApiDriver extends CsiBaseDriver {
                   }
 
                   // FreeNAS responding with bad data
-                  if (!sharePaths.includes(properties.mountpoint.value)) {
+                  if (
+                    !Array.isArray(sharePaths) ||
+                    !sharePaths.includes(properties.mountpoint.value)
+                  ) {
                     throw new GrpcError(
                       grpc.status.UNKNOWN,
                       `FreeNAS responded with incorrect share data: ${
@@ -2606,7 +2609,7 @@ class FreeNASApiDriver extends CsiBaseDriver {
       if (!(await httpApiClient.getIsScale())) {
         throw new GrpcError(
           grpc.status.FAILED_PRECONDITION,
-          `driver is only availalbe with TrueNAS SCALE`
+          `driver is only available with TrueNAS SCALE`
         );
       }
 

src/driver/freenas/ssh.js

@@ -474,7 +474,10 @@ class FreeNASSshDriver extends ControllerZfsBaseDriver {
                   }
 
                   // FreeNAS responding with bad data
-                  if (!sharePaths.includes(properties.mountpoint.value)) {
+                  if (
+                    !Array.isArray(sharePaths) ||
+                    !sharePaths.includes(properties.mountpoint.value)
+                  ) {
                     throw new GrpcError(
                       grpc.status.UNKNOWN,
                       `FreeNAS responded with incorrect share data: ${

src/utils/iscsi.js

@@ -613,7 +613,29 @@ class ISCSI {
       args.unshift(command);
       command = iscsi.options.paths.sudo;
     }
-    console.log("executing iscsi command: %s %s", command, args.join(" "));
+
+    // --name node.session.auth.password --value FOOBAR
+    let argIndex;
+    let cleansedArgs = [...args];
+    argIndex = args.findIndex((value) => {
+      return value.trim() == "node.session.auth.password";
+    });
+
+    if (argIndex >= 0 && cleansedArgs[argIndex + 1].trim() == "--value") {
+      cleansedArgs[argIndex + 2] = "redacted";
+    }
+
+    // --name node.session.auth.password_id --value FOOBAR
+    argIndex = args.findIndex((value) => {
+      return value.trim() == "node.session.auth.password_in";
+    });
+
+    if (argIndex >= 0 && cleansedArgs[argIndex + 1].trim() == "--value") {
+      cleansedArgs[argIndex + 2] = "redacted";
+    }
+
+    const cleansedLog = `${command} ${cleansedArgs.join(" ")}`;
+    console.log("executing iscsi command: %s", cleansedLog);
 
     return new Promise((resolve, reject) => {
       const child = iscsi.options.executor.spawn(command, args, options);