[ES-2777] Always show configuration through actuator/env with some key/values sanitized

[sacrana0]

Summary by CodeRabbit

• New Features

  • Automatic masking of sensitive values exposed by monitoring endpoints; common secrets, passwords and credential-like values are now protected.

• Chores

  • Added property to control environment value visibility in monitoring tools (enables showing env values when configured).

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Adds a new Spring configuration class that implements SanitizingFunction to mask actuator environment values based on configurable suffix and substring key patterns; includes unit tests and enables actuator env values in bootstrap properties.

Changes

Cohort / File(s)	Summary
Actuator Sanitization Configuration esignet-core/src/main/java/io/mosip/esignet/core/config/ActuatorSanitizationConfig.java	New @Configuration class implementing SanitizingFunction. Injects keysToBeSanitizedEndsWith and keysToBeSanitizedContains and overrides apply(SanitizableData) to return a sanitized value when keys match configured suffixes or substrings.
Sanitization Configuration Tests esignet-core/src/test/java/io/mosip/esignet/core/config/ActuatorSanitizationConfigTest.java	New unit tests (Mockito + ReflectionTestUtils) covering suffix match, substring match, and no-match behaviors, verifying calls to withSanitizedValue() and returned data.
Actuator Endpoint Configuration esignet-service/src/main/resources/bootstrap.properties	Added management.endpoint.env.show-values=ALWAYS to enable exposing environment values via the actuator env endpoint.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 I hopped through configs with eager delight,
I sniffed for "password" by day and by night,
I masked every secret with snug little art,
Now actuators glance but get only my heart—
A rabbit's safe guard, quiet and bright.

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly summarizes the main change: enabling configuration exposure via actuator/env endpoint with selective key sanitization.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

🧹 Recent nitpick comments

esignet-core/src/test/java/io/mosip/esignet/core/config/ActuatorSanitizationConfigTest.java (1)

18-71: Consider adding edge case tests for robustness.

The current tests cover the happy paths well. For more comprehensive coverage, consider adding tests for:

• Null key handling: What happens if data.getKey() returns null?
• Mixed case for endsWith: e.g., "db.PASSWORD" to verify case handling consistency

These are optional improvements that would strengthen the test suite.

---

📜 Recent review details

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between bf7cec0 and caf3d80.

📒 Files selected for processing (2)

• esignet-core/src/main/java/io/mosip/esignet/core/config/ActuatorSanitizationConfig.java
• esignet-core/src/test/java/io/mosip/esignet/core/config/ActuatorSanitizationConfigTest.java

🚧 Files skipped from review as they are similar to previous changes (1)

• esignet-core/src/main/java/io/mosip/esignet/core/config/ActuatorSanitizationConfig.java

🧰 Additional context used

🧠 Learnings (2)

📓 Common learnings

Learnt from: sacrana0
Repo: mosip/esignet PR: 1608
File: esignet-service/src/main/resources/bootstrap.properties:44-44
Timestamp: 2026-01-16T08:59:50.574Z
Learning: In the esignet project, `ActuatorSanitizationConfig` was implemented to restore Spring Boot 2.3.6 sanitization behavior after migrating to Java 21, where the default changed to over-sanitize all actuator/env keys.

📚 Learning: 2026-01-16T08:59:50.574Z

Learnt from: sacrana0
Repo: mosip/esignet PR: 1608
File: esignet-service/src/main/resources/bootstrap.properties:44-44
Timestamp: 2026-01-16T08:59:50.574Z
Learning: In the esignet project, `ActuatorSanitizationConfig` was implemented to restore Spring Boot 2.3.6 sanitization behavior after migrating to Java 21, where the default changed to over-sanitize all actuator/env keys.

Applied to files:

• esignet-core/src/test/java/io/mosip/esignet/core/config/ActuatorSanitizationConfigTest.java

🔇 Additional comments (4)

esignet-core/src/test/java/io/mosip/esignet/core/config/ActuatorSanitizationConfigTest.java (4)

22-27: LGTM!

The test setup correctly initializes the config and injects the filter lists using ReflectionTestUtils. This is a standard pattern for testing Spring @Value-injected fields without bootstrapping the full application context.

---

29-42: LGTM!

The test correctly verifies that keys ending with a configured suffix are sanitized. The mock setup and verifications are appropriate.

---

59-70: LGTM!

Good negative test case verifying that non-matching keys return the original data without sanitization.

---

44-57: The implementation correctly handles case-insensitive matching. The apply() method at line 31 converts the key to lowercase using toLowerCase(Locale.ROOT) before checking against the sanitizable key lists. The test is valid and will pass as expected.

_{✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In
`@esignet-core/src/main/java/io/mosip/esignet/core/config/ActuatorSanitizationConfig.java`:
- Around line 24-30: In apply(SanitizableData data) add a null-safety check for
data.getKey() before calling toLowerCase: obtain the key, return data
immediately (or treat as non-matching) if key is null, otherwise call
key.toLowerCase(Locale.ROOT) and proceed with the existing checks against
keysToBeSanitizedEndsWith and keysToBeSanitizedContains; keep using
data.withSanitizedValue() when a match is found so behavior is unchanged for
non-null keys.

In `@esignet-service/src/main/resources/bootstrap.properties`:
- Line 44: The bootstrap property management.endpoint.env.show-values=ALWAYS is
safe only because actuator access is restricted by
SecurityConfig.requests.anyRequest().authenticated(); verify and update
ActuatorSanitizationConfig to include any deployment-specific sensitive
environment variable names (add entries under
mosip.esignet.actuator.sanitize.key.*) so keys beyond the defaults (password,
secret, key, token, vcap_services, sun.java.command, credentials) are sanitized
before the env endpoint reveals values; locate ActuatorSanitizationConfig and
add the custom sensitive keys your deployment uses.

🧹 Nitpick comments (2)

esignet-core/src/main/java/io/mosip/esignet/core/config/ActuatorSanitizationConfig.java (1)

18-22: Consider reviewing the default sanitization patterns.

The default patterns provide good baseline coverage, but note:

• "key" may over-sanitize non-sensitive properties ending with "key" (e.g., cache.entry.key, partition.key)
• Consider adding common sensitive patterns like "auth", "bearer", "private" to keysToBeSanitizedContains

This is a minor consideration since patterns are configurable via properties.

esignet-core/src/test/java/io/mosip/esignet/core/config/ActuatorSanitizationConfigTest.java (1)

24-65: Tests cover the core scenarios well.

The three tests adequately verify endsWith, contains, and no-match paths. The API_CREDENTIALS_ID test nicely validates case-insensitive matching.

Consider adding edge case tests for robustness (optional):

• Null key handling
• Empty pattern lists
• Key matching both endsWith and contains patterns

📜 Review details

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d69fb8e and bf7cec0.

📒 Files selected for processing (3)

• esignet-core/src/main/java/io/mosip/esignet/core/config/ActuatorSanitizationConfig.java
• esignet-core/src/test/java/io/mosip/esignet/core/config/ActuatorSanitizationConfigTest.java
• esignet-service/src/main/resources/bootstrap.properties

🔇 Additional comments (1)

esignet-core/src/test/java/io/mosip/esignet/core/config/ActuatorSanitizationConfigTest.java (1)

17-22: LGTM! Test setup is clean.

Good use of ReflectionTestUtils to inject test-specific values, allowing focused testing of the sanitization logic.

_{✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.}