Add whitelist-based filtering to mixpanel events

When sending events to mixpanel, we now use an explicit whitelist for the properties sent with the event, to avoid accidental leakage of any sensitive information.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>

package.json

@@ -34,6 +34,7 @@
     "docker-toolbelt": "^3.0.3",
     "event-stream": "^3.0.20",
     "express": "^4.0.0",
+    "json-mask": "^0.3.8",
     "knex": "~0.12.3",
     "lockfile": "^1.0.1",
     "lodash": "^4.16.3",

src/utils.coffee

@@ -14,6 +14,7 @@ TypedError = require 'typed-error'
 execAsync = Promise.promisify(require('child_process').exec)
 device = require './device'
 { checkTruthy } = require './lib/validation'
+mask = require 'json-mask'
 
 exports.supervisorVersion = require('./lib/supervisor-version')
 
@@ -26,6 +27,15 @@ else
 exports.mixpanelProperties = mixpanelProperties =
 	username: configJson.username
 
+mixpanelMask = [
+	'appId'
+	'delay'
+	'error'
+	'interval'
+	'app(appId,imageId,commit,name)'
+	'stateDiff(status,download_progress,commit,os_version,superisor_version,ip_address)'
+].join(',')
+
 exports.mixpanelTrack = (event, properties = {}) ->
 	# Allow passing in an error directly and having it assigned to the error property.
 	if properties instanceof Error
@@ -40,16 +50,8 @@ exports.mixpanelTrack = (event, properties = {}) ->
 
 	properties = _.cloneDeep(properties)
 
-	# Don't log private env vars (e.g. api keys)
-	if properties?.app?.env?
-		try
-			{ env } = properties.app
-			env = JSON.parse(env) if _.isString(env)
-			safeEnv = _.omit(env, config.privateAppEnvVars)
-			properties.app.env = JSON.stringify(safeEnv)
-		catch
-			properties.app.env = 'Fully hidden due to error in selective hiding'
-
+	# Filter properties to only send the whitelisted keys and values
+	properties = mask(properties, mixpanelMask)
 	console.log('Event:', event, JSON.stringify(properties))
 	# Mutation is bad, and it should feel bad
 	properties = _.assign(properties, mixpanelProperties)