From 430677d43cf4e591aa86a6c24268d02f15f7162a Mon Sep 17 00:00:00 2001
From: Eduardo Naves <92769459+NavesEdu@users.noreply.github.com>
Date: Tue, 23 Jan 2024 22:01:04 -0300
Subject: [PATCH] Fix the password display problem when passing the chart link
 (#1281)

* Fix the password display problem when passing the
chart link

Signed-off-by: Eduardo Naves <eduardonaves41@gmail.com>
---
 pkg/state/state.go      | 20 +++++++++++++++++++-
 pkg/state/state_test.go | 22 ++++++++++++++++++++++
 2 files changed, 41 insertions(+), 1 deletion(-)

diff --git a/pkg/state/state.go b/pkg/state/state.go
index 16f228c9..061109ff 100644
--- a/pkg/state/state.go
+++ b/pkg/state/state.go
@@ -7,6 +7,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"net/url"
 	"os"
 	"path/filepath"
 	"regexp"
@@ -3192,6 +3193,18 @@ func renderValsSecrets(e vals.Evaluator, input ...string) ([]string, error) {
 	return output, nil
 }
 
+func hideChartCredentials(chartCredentials string) (string, error) {
+	u, err := url.Parse(chartCredentials)
+	if err != nil {
+		return "", err
+	}
+	if u.User != nil {
+		u.User = url.UserPassword("---", "---")
+	}
+	modifiedURL := u.String()
+	return modifiedURL, nil
+}
+
 // DisplayAffectedReleases logs the upgraded, deleted and in error releases
 func (ar *AffectedReleases) DisplayAffectedReleases(logger *zap.SugaredLogger) {
 	if ar.Upgraded != nil && len(ar.Upgraded) > 0 {
@@ -3203,7 +3216,12 @@ func (ar *AffectedReleases) DisplayAffectedReleases(logger *zap.SugaredLogger) {
 		)
 		tbl.Separator = "   "
 		for _, release := range ar.Upgraded {
-			err := tbl.AddRow(release.Name, release.Chart, release.installedVersion, release.duration.Round(time.Second))
+			modifiedChart, modErr := hideChartCredentials(release.Chart)
+			if modErr != nil {
+				logger.Warn("Could not modify chart credentials, %v", modErr)
+				continue
+			}
+			err := tbl.AddRow(release.Name, modifiedChart, release.installedVersion, release.duration.Round(time.Second))
 			if err != nil {
 				logger.Warn("Could not add row, %v", err)
 			}
diff --git a/pkg/state/state_test.go b/pkg/state/state_test.go
index 2692c506..f50bb261 100644
--- a/pkg/state/state_test.go
+++ b/pkg/state/state_test.go
@@ -3455,3 +3455,25 @@ func TestAppendChartDownloadTLSFlags(t *testing.T) {
 		})
 	}
 }
+
+func TestHideChartURL(t *testing.T) {
+	tests := []struct {
+		input    string
+		expected string
+	}{
+		{"http://username:password@example.com/", "http://---:---@example.com/"},
+		{"http://example.com@", "http://---:---@"},
+		{"https://username:password@example.com/", "https://---:---@example.com/"},
+		{"https://username:@password@example.com/", "https://---:---@example.com/"},
+		{"https://username::password@example.com/", "https://---:---@example.com/"},
+		{"https://username:httpd@example.com/", "https://---:---@example.com/"},
+		{"https://username:httpsd@example.com/", "https://---:---@example.com/"},
+		{"https://example.com/", "https://example.com/"},
+	}
+	for _, test := range tests {
+		result, _ := hideChartCredentials(test.input)
+		if result != test.expected {
+			t.Errorf("For input '%s', expected '%s', but got '%s'", test.input, test.expected, result)
+		}
+	}
+}