Support ZIP Archive: Contents and Redaction Details

This document provides a comprehensive overview of the information included in the Apheris Hub Support ZIP archive and the technical details of the redaction and sanitization process. It is intended for technical users, administrators, and security reviewers who require transparency into the support data collection process.

Scope of Data Collection

The Support ZIP archive aggregates only diagnostic data (logs, sanitized inspection output, and select metadata) from Docker containers explicitly labeled with apheris.hub=true. No container images, filesystems, or application data are included. Containers lacking this label are completely ignored: they are not listed, inspected, or processed in any way. This strict filtering is enforced at the Docker API query level.

Archive Structure and Included Data

The Support ZIP archive is a compressed file containing structured diagnostic and configuration data for support and debugging. The typical contents are:

  • system_info.json: Host system metadata (OS, architecture, Go version, CPU, GPU/driver status, Docker disk usage, etc.)
  • data.yaml: Model registry and application metadata (from the internal repository)
  • logs/: Tailed logs for each container with apheris.hub=true (the number of log lines is configurable via the API; the default is 1000)
  • inspections/: Sanitized output of docker inspect for each relevant container (with apheris.hub=true), including filtered config, host config, network info, and runtime state

Note

No user data, model payloads, or container filesystems are included. The archive is strictly limited to metadata and logs required for operational troubleshooting.

Redaction and Sanitization Pipeline

All data included in the Support ZIP is subject to a multi-stage redaction pipeline. The process is as follows:

  • Allow-list Filtering: Only environment variables on a strict allow-list are included verbatim. This list covers required Hub variables and a minimal set of standard system variables, such as:

    • APH_HUB_API_KEY
    • QUAY_USERNAME
    • QUAY_PASSWORD
    • QUAY_SERVER
    • APH_HUB_INPUT_ROOT_DIRECTORY
    • APH_HUB_OUTPUT_ROOT_DIRECTORY
    • APH_HUB_DATABASE_FILE_NAME
    • APH_HUB_APPLICATION_DEFINITION_FILE
    • APH_HUB_DISABLE_DIGEST_VALIDATION
    • PATH, HOME, USER, PWD, SHELL, LANG, LC_ALL, TZ, TERM
  • Sensitive Pattern Matching: All other environment variables are checked against a set of sensitive patterns, including (but not limited to):

    • password, passwd, pwd
    • secret, key, token, auth
    • private, credential, cred
    • cert, certificate, ssl
    • database_url, db_url, connection_string
    • smtp_password, email_password
    • oauth, jwt, bearer
    • admin, root
    • session, cookie

    If a variable name matches any of these patterns, its value is replaced with [REDACTED]. Pattern matching for variable names is case-insensitive.

  • IP Address Redaction: All public (non-private) IP addresses in logs and inspection data are replaced with [EXTERNAL_IP_REDACTED]. Only private/local IPs are retained, including:
    • 10.x.x.x
    • 172.16.x.x – 172.31.x.x
    • 192.168.x.x
    • 127.0.0.1
    • 169.254.x.x
  • Credential Pattern Scrubbing: Log lines and config fields matching credential patterns are sanitized.
  • Log Truncation: Only the most recent N lines per container (the default is 1000, configurable via API) are included to minimize exposure and archive size.

General Principles

  • No User Data: No user-uploaded data, model payloads, or customer datasets are ever included.
  • No Private Keys: Private keys, certificates, and similar secrets are always excluded or redacted.
  • No Container Filesystems: No files from inside containers are ever included.
  • Transparency: All redactions are indicated by [REDACTED] or [EXTERNAL_IP_REDACTED] in the output files.

Note

If you have any doubts or concerns, you can always examine the contents of the Support ZIP archive before sending it to support. The archive is a standard ZIP file and can be opened with any archive tool to review its contents and redactions.
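That pre-send review can be scripted. The following is an added example, not Apheris code: a Python check over text extracted from the archive, built from the retained IP ranges, name patterns and allow-list given on this page. It assumes variables appear as NAME=value strings (as in docker inspect output) and that name patterns match as substrings; allow-listed names that look sensitive are reported separately, because the page says allow-listed variables are included verbatim.

```python
import ipaddress
import re

# Ranges the page lists as retained; other IPv4 addresses should be redacted.
RETAINED = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.1/32", "169.254.0.0/16")]
# Name patterns from the page (longer ones such as smtp_password are covered
# by their substrings); substring matching is an assumption.
SENSITIVE = ("password", "passwd", "pwd", "secret", "key", "token", "auth",
             "private", "cred", "cert", "ssl", "database_url", "db_url",
             "connection_string", "oauth", "jwt", "bearer", "admin", "root",
             "session", "cookie")
# Allow-listed names, which the page says are included verbatim.
ALLOWED = set("""APH_HUB_API_KEY QUAY_USERNAME QUAY_PASSWORD QUAY_SERVER
APH_HUB_INPUT_ROOT_DIRECTORY APH_HUB_OUTPUT_ROOT_DIRECTORY
APH_HUB_DATABASE_FILE_NAME APH_HUB_APPLICATION_DEFINITION_FILE
APH_HUB_DISABLE_DIGEST_VALIDATION
PATH HOME USER PWD SHELL LANG LC_ALL TZ TERM""".split())
IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")
ENV = re.compile(r"\b([A-Za-z_][A-Za-z0-9_]*)=([^\"\s,]+)")  # NAME=value (assumed layout)

def audit(text):
    """Return (line_no, kind, detail) findings for a reviewer to inspect."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        for m in IPV4.finditer(line):
            try:
                ip = ipaddress.ip_address(m.group())
            except ValueError:  # e.g. 999.1.1.1 is not an address
                continue
            if not any(ip in net for net in RETAINED):
                findings.append((no, "public_ip", m.group()))
        for name, value in ENV.findall(line):
            sensitive = any(p in name.lower() for p in SENSITIVE)
            if sensitive and value != "[REDACTED]":
                kind = "allowlisted_verbatim" if name in ALLOWED else "unredacted_env"
                findings.append((no, kind, name))
    return findings

# Constructed sample, not real archive content.
SAMPLE = '''"QUAY_PASSWORD=example-value",
"DB_PASSWORD=[REDACTED]",
"MY_SERVICE_TOKEN=abc123",
connect from 10.1.2.3 to [EXTERNAL_IP_REDACTED]
connect from 203.0.113.7 port 443'''

for finding in audit(SAMPLE):
    print(finding)
```

The findings carry only line numbers and variable names, never values, so the audit output itself can be shared without exposing a secret.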

For technical questions about the Support ZIP archive, redaction pipeline, or to request a security review, contact support@apheris.com.