Sanitize request for klog print in logGRPC()

Malicious user can put a secret in request as explained here: kubernetes-sigs#1372.

Author: mpatlasov

Diff for: pkg/gce-pd-csi-driver/utils.go

@@ -22,6 +22,7 @@ import (
 	"fmt"
 
 	csi "github.com/container-storage-interface/spec/lib/go/csi"
+	"github.com/kubernetes-csi/csi-lib-utils/protosanitizer"
 	"google.golang.org/grpc"
 	"k8s.io/klog/v2"
 )
@@ -63,7 +64,12 @@ func logGRPC(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, h
 	// Note that secrets are not included in any RPC message. In the past protosanitizer and other log
 	// stripping was shown to cause a significant increase of CPU usage (see
 	// https://github.com/kubernetes-sigs/gcp-compute-persistent-disk-csi-driver/issues/356#issuecomment-550529004).
-	klog.V(4).Infof("%s called with request: %s", info.FullMethod, req)
+	// However malicious user still can put a secret in request as explained here:
+	// https://github.com/kubernetes-sigs/gcp-compute-persistent-disk-csi-driver/issues/1372
+	if klog.V(4).Enabled() {
+		sanitizedReq := protosanitizer.StripSecrets(req)
+		klog.Infof("%s called with request: %s", info.FullMethod, sanitizedReq)
+	}
 	resp, err := handler(ctx, req)
 	if err != nil {
 		klog.Errorf("%s returned with error: %v", info.FullMethod, err.Error())