
Crate cellos_sink_redact


EventSink wrapper that redacts nominated JSON fields before forwarding.

CloudEvents emitted by the supervisor can contain:

  • argv — command lines, which may include secrets passed as arguments
  • path — artifact and working-directory filesystem paths
  • secretRefs — names (not values) of secrets referenced by the cell
  • reason — teardown error messages, which may contain paths or argv fragments

This sink wraps any Arc<dyn EventSink> and, before calling inner.emit(), walks the CloudEventV1.data JSON tree replacing the values of nominated top-level and nested field names with a fixed placeholder string.

§Activation

In the composition root, set CELLOS_REDACT_EVENT_FIELDS to a comma-separated list of JSON field names to redact, e.g.:

CELLOS_REDACT_EVENT_FIELDS=argv,path,reason

Use CELLOS_REDACT_EVENT_FIELDS=defaults to apply the built-in conservative set: argv,path,reason.

§Security notes

  • Secret values never appear in events; only secret names (secretRefs).
  • Redaction applies to the JSON value tree, not to CloudEvent metadata fields (id, source, type, time).
  • The placeholder value is the fixed string "[redacted]" for scalar values and ["[redacted]"] for arrays; maps are replaced with {}.
  • An absent or empty data field is forwarded unchanged.
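The walk and the placeholder rules above, sketched as an added example that is not the crate's own code. The std-only `Json` type and the helpers `parse_fields`, `redact` and `sample_data` are hypothetical names, and descending into arrays of objects is an assumption.

```rust
use std::collections::BTreeMap;
// Stand-in JSON tree (scalars as Str only); the crate's real types are not on the page.
#[derive(Debug, Clone, PartialEq)]
pub enum Json { Str(String), Arr(Vec<Json>), Obj(BTreeMap<String, Json>) }

fn s(v: &str) -> Json { Json::Str(v.to_string()) }
fn obj(pairs: Vec<(&str, Json)>) -> Json {
    Json::Obj(pairs.into_iter().map(|(k, v)| (k.to_string(), v)).collect())
}

// "defaults" expands to the built-in set named on the page: argv,path,reason.
pub fn parse_fields(spec: &str) -> Vec<String> {
    let spec = if spec.trim() == "defaults" { "argv,path,reason" } else { spec };
    spec.split(',').map(str::trim).filter(|f| !f.is_empty()).map(String::from).collect()
}

// Placeholder by shape: arrays -> ["[redacted]"], maps -> {}, scalars -> "[redacted]".
fn placeholder_for(v: &Json) -> Json {
    match v {
        Json::Arr(_) => Json::Arr(vec![s("[redacted]")]),
        Json::Obj(_) => obj(vec![]),
        Json::Str(_) => s("[redacted]"),
    }
}

// Replace the value of every nominated key at any depth (arrays are walked: assumption).
pub fn redact(v: &mut Json, fields: &[String]) {
    match v {
        Json::Obj(map) => for (k, child) in map.iter_mut() {
            if fields.iter().any(|f| f == k) { *child = placeholder_for(child); }
            else { redact(child, fields); }
        },
        Json::Arr(items) => items.iter_mut().for_each(|i| redact(i, fields)),
        Json::Str(_) => {}
    }
}

// Constructed sample `data` payload, not a real supervisor event.
pub fn sample_data() -> Json {
    obj(vec![
        ("argv", Json::Arr(vec![s("deploy"), s("--token=EXAMPLE")])),
        ("secretRefs", Json::Arr(vec![s("db-password")])),
        ("artifact", obj(vec![("path", s("/work/out.tar")), ("kind", s("tar"))])),
    ])
}

fn main() {
    let mut data = sample_data();
    redact(&mut data, &parse_fields("defaults"));
    println!("{:#?}", data);
}
```

With the default set, `secretRefs` passes through untouched; it has to be nominated explicitly if secret names are themselves sensitive in your environment.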

Structs§

RedactingEventSink
Wraps an inner EventSink, walking the data JSON tree and replacing the values of any nominated field names with the placeholder "[redacted]".

Constants§

DEFAULT_REDACT_FIELDS
The conservative default set of field names to redact.