netconan

Review and add tests for Juniper sensitive lines

Open sfraint opened this issue 8 years ago • 3 comments

Password/snmp community regexes for Juniper configs in sensitive_item_removal.py may need tweaking to catch all allowed syntax/options and some do not have any tests.

The JUNOS regexes for md5, hello-authentication-key, and ssh do not have any tests.

The remaining JUNOS regexes:

  • May need to have additional test config lines added in test_sensitive_item_removal.py covering a variety of syntaxes/options allowed by (and verified on) JUNOS routers
    • Right now, the regexes may only handle a subset of allowed syntax and options (e.g. not handling an optional digit or param password blah versus password 0 blah or password encrypt sha512 blah)
    • Right now, test config lines are only taken from example test rigs in batfish and may not cover the full range of allowed syntax/options
  • Need to have a capture group added and group number specified
    • This is so sensitive info can be extracted and replaced instead of just removing the whole line
    • This has already been completed for the snmp community JUNOS regex

sfraint, Dec 09 '17 02:12
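Added example, not part of the issue or of netconan's code: a sketch of the "capture group plus group number" approach the post describes, where only the secret is replaced and the rest of the line survives. The patterns, the `redact_line` helper, the salt and the JUNOS sample lines are all constructed for illustration and cover only a few syntax variants (quoted and unquoted secrets, a key id before the secret).

```python
import hashlib
import re

# Hypothetical (regex, group number) pairs; NOT netconan's actual patterns.
# The numbered group captures only the secret, never the keyword around it.
SENSITIVE_PATTERNS = [
    # hello-authentication-key "$9$..."  (quotes are optional)
    (re.compile(r'hello-authentication-key\s+"?([^";\s]+)"?'), 1),
    # encrypted-password "$6$..."
    (re.compile(r'encrypted-password\s+"?([^";\s]+)"?'), 1),
    # md5 <key-id> key "$9$..."  (a digit precedes the secret)
    (re.compile(r'\bmd5\s+\d+\s+key\s+"?([^";\s]+)"?'), 1),
]

# Constructed sample lines; the secrets are placeholders, not real hashes.
SAMPLE_LINES = [
    'set system root-authentication encrypted-password "$6$constructedHash"',
    'set protocols isis interface ge-0/0/0.0 level 2 '
    'hello-authentication-key "$9$constructedKey"',
    'set protocols isis interface ge-0/0/0.0 level 2 '
    'hello-authentication-key plainKey',
    'set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 '
    'authentication md5 1 key "$9$constructedKey"',
    'set interfaces ge-0/0/1 unit 0 family inet address 10.0.0.1/30',
]


def _token(secret, salt):
    """Map a secret to a stable placeholder so equal secrets stay equal."""
    digest = hashlib.sha256((salt + secret).encode()).hexdigest()
    return "REDACTED-" + digest[:8]


def redact_line(line, salt="constructed-salt"):
    """Replace only the captured secret; keep the rest of the line intact."""
    for pattern, group in SENSITIVE_PATTERNS:
        match = pattern.search(line)
        if match:
            start, end = match.span(group)
            line = line[:start] + _token(match.group(group), salt) + line[end:]
    return line


if __name__ == "__main__":
    for sample in SAMPLE_LINES:
        print(redact_line(sample))
```
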

Status here? My understanding is that users have been able to anonymize Juniper configs -- should this be closed?

dhalperi, Jan 29 '18 22:01

This is better now; Juniper configs can be anonymized. However, there are still some Juniper sensitive line regexes that do not have test cases.

sfraint, Jan 29 '18 23:01

@sfraint please flesh out concretely what is remaining in this issue. Either a list of untested regexes here, comments in the code that link back to this GitHub issue, etc.

As-is, no one can work on this.

dhalperi, Jan 29 '18 23:01