Disable logging of (sensitive) arguments in Active Job

By Prathamesh Sonpatki

If you are using Active Job for managing background jobs in Rails, you might have noticed that it logs the job arguments when the job is enqueued or run. Let's see an example of this.

class ImportDataJob < ApplicationJob queue_as :default def perform(*args) puts "Completed" # Do something later end
end
>> ImportDataJob.perform_later(password: "secret") Enqueued ImportDataJob (Job ID: 4c44944b-0b1e-41ff-8679-c9757e09bdb2) to Async(default) with arguments: {:password=>"secret"} >> Performing ImportDataJob (Job ID: 4c44944b-0b1e-41ff-8679-c9757e09bdb2) from Async(default) enqueued at 2020-04-29T13:23:37Z with arguments: {:password=>"secret"}
Completed Performed ImportDataJob (Job ID: 4c44944b-0b1e-41ff-8679-c9757e09bdb2) from Async(default) in 9.39ms

As we can, see Active Job logs the arguments two times, once when the job is enqueued and once when the job starts performing.

We can filter request parameters on the controller level using Rails.application.config.filter_parameters configuration option so that sensitive parameters are not leaked in the logs. But if you are enqueuing such parameters to Active Job then the purpose of filtering them at controller level is defeated as they are logged at job level regardless.

A feature is now present in Rails master to fix this issue. We can disable logging for individual jobs by setting log_arguments configuration option.

class ImportDataJob < ApplicationJob queue_as :default self.log_arguments = false def perform(*args) # Do something later end
end
>> ImportDataJob.perform_later password: "secret"
Enqueued ImportDataJob (Job ID: 1c388f29-b83c-477c-a046-50837b8941e8) to Async(default) >> Performing ImportDataJob (Job ID: 1c388f29-b83c-477c-a046-50837b8941e8) from Async(default) enqueued at 2020-04-29T13:39:31Z Completed
Performed ImportDataJob (Job ID: 1c388f29-b83c-477c-a046-50837b8941e8) from Async(default) in 5.81ms

We can see that now there is no trace of the arguments in the log.

By default the log_arguments setting is true for every job and we can customize it per job based on whether the job consumes sensitive data.

Why can't we reuse the filter_parameters for Active Job

At this point, you might be wondering why can't we use the filter_parameters configuration that is used to filter sensitive parameters at the controller level. The reason for that is Active Jobs can accept all types of arguments whereas the filter_parameters is designed to work well with hash like objects only. There is a discussion about this issue here.

https://github.com/rails/rails/pull/34438#issuecomment-438455378

https://github.com/rails/rails/pull/38963#issuecomment-614767901

Is this bullet proof solution?

Definitely not, if we are inspecting the arguments ourselves in the a code then they will definitely be logged. This configuration prevents Rails from logging the arguments.

This feature is not yet released. It will be part of Rails 6.1. I will update this post when it is released.

Subscribe to my newsletter to be on top of latest changes happening in Ruby on Rails framework. No spam only Ruby and Rails!