You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@dolphinscheduler.apache.org by GitBox <gi...@apache.org> on 2022/10/13 06:20:53 UTC
[GitHub] [dolphinscheduler] rickchengx opened a new pull request, #11589: [Feature-10498] Mask the password in the log of sqoop task
rickchengx opened a new pull request, #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589
<!--Thanks very much for contributing to Apache DolphinScheduler. Please review https://dolphinscheduler.apache.org/en-us/community/development/pull-request.html before opening a pull request.-->
## Purpose of the pull request
Mask the password in the log of `sqoop` task.
Currently, there are 2 positions that the log of `sqoop` task will output the password of mysql:
https://github.com/apache/dolphinscheduler/blob/17a9dd25fa0e80b048394f79db130f56eb8ef72f/dolphinscheduler-task-plugin/dolphinscheduler-task-sqoop/src/main/java/org/apache/dolphinscheduler/plugin/task/sqoop/SqoopTask.java#L83
https://github.com/apache/dolphinscheduler/blob/17a9dd25fa0e80b048394f79db130f56eb8ef72f/dolphinscheduler-task-plugin/dolphinscheduler-task-api/src/main/java/org/apache/dolphinscheduler/plugin/task/api/ShellCommandExecutor.java#L116
## Brief change log
<!--*(for example:)*
- *Add maven-checkstyle-plugin to root pom.xml*
-->
## Verify this pull request
<!--*(Please pick either of the following options)*-->
Manually tested.
<img width="1122" alt="截屏2022-08-22 15 30 38" src="https://user-images.githubusercontent.com/38122586/185864886-c8e827dd-d7e0-461b-9565-59c7bcbc8dcf.png">
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] sonarcloud[bot] commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1277116908
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=11589)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [1 Code Smell](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list) [38.5% Coverage](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] codecov-commenter commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
codecov-commenter commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1233666175
# [Codecov](https://codecov.io/gh/apache/dolphinscheduler/pull/11589?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#11589](https://codecov.io/gh/apache/dolphinscheduler/pull/11589?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (c70bfec) into [dev](https://codecov.io/gh/apache/dolphinscheduler/commit/17a9dd25fa0e80b048394f79db130f56eb8ef72f?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (17a9dd2) will **decrease** coverage by `0.08%`.
> The diff coverage is `6.66%`.
```diff
@@ Coverage Diff @@
## dev #11589 +/- ##
============================================
- Coverage 39.79% 39.70% -0.09%
- Complexity 4697 4705 +8
============================================
Files 993 1008 +15
Lines 37662 37867 +205
Branches 4186 4231 +45
============================================
+ Hits 14986 15034 +48
- Misses 21109 21224 +115
- Partials 1567 1609 +42
```
| [Impacted Files](https://codecov.io/gh/apache/dolphinscheduler/pull/11589?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [...cheduler/plugin/task/api/ShellCommandExecutor.java](https://codecov.io/gh/apache/dolphinscheduler/pull/11589/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-ZG9scGhpbnNjaGVkdWxlci10YXNrLXBsdWdpbi9kb2xwaGluc2NoZWR1bGVyLXRhc2stYXBpL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9kb2xwaGluc2NoZWR1bGVyL3BsdWdpbi90YXNrL2FwaS9TaGVsbENvbW1hbmRFeGVjdXRvci5qYXZh) | `0.00% <0.00%> (ø)` | |
| [.../dolphinscheduler/plugin/task/sqoop/SqoopTask.java](https://codecov.io/gh/apache/dolphinscheduler/pull/11589/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-ZG9scGhpbnNjaGVkdWxlci10YXNrLXBsdWdpbi9kb2xwaGluc2NoZWR1bGVyLXRhc2stc3Fvb3Avc3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2RvbHBoaW5zY2hlZHVsZXIvcGx1Z2luL3Rhc2svc3Fvb3AvU3Fvb3BUYXNrLmphdmE=) | `0.00% <0.00%> (ø)` | |
| [...apache/dolphinscheduler/spi/utils/StringUtils.java](https://codecov.io/gh/apache/dolphinscheduler/pull/11589/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-ZG9scGhpbnNjaGVkdWxlci1zcGkvc3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2RvbHBoaW5zY2hlZHVsZXIvc3BpL3V0aWxzL1N0cmluZ1V0aWxzLmphdmE=) | `26.21% <16.66%> (-1.06%)` | :arrow_down: |
| [...ler/server/worker/metrics/WorkerServerMetrics.java](https://codecov.io/gh/apache/dolphinscheduler/pull/11589/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-ZG9scGhpbnNjaGVkdWxlci13b3JrZXIvc3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2RvbHBoaW5zY2hlZHVsZXIvc2VydmVyL3dvcmtlci9tZXRyaWNzL1dvcmtlclNlcnZlck1ldHJpY3MuamF2YQ==) | `0.00% <0.00%> (-74.47%)` | :arrow_down: |
| [...r/server/worker/registry/WorkerRegistryClient.java](https://codecov.io/gh/apache/dolphinscheduler/pull/11589/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-ZG9scGhpbnNjaGVkdWxlci13b3JrZXIvc3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2RvbHBoaW5zY2hlZHVsZXIvc2VydmVyL3dvcmtlci9yZWdpc3RyeS9Xb3JrZXJSZWdpc3RyeUNsaWVudC5qYXZh) | `46.66% <0.00%> (-27.41%)` | :arrow_down: |
| [...dolphinscheduler/service/log/LogClientService.java](https://codecov.io/gh/apache/dolphinscheduler/pull/11589/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-ZG9scGhpbnNjaGVkdWxlci1zZXJ2aWNlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9kb2xwaGluc2NoZWR1bGVyL3NlcnZpY2UvbG9nL0xvZ0NsaWVudFNlcnZpY2UuamF2YQ==) | `63.85% <0.00%> (-12.96%)` | :arrow_down: |
| [...er/master/dispatch/host/assign/RandomSelector.java](https://codecov.io/gh/apache/dolphinscheduler/pull/11589/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-ZG9scGhpbnNjaGVkdWxlci1tYXN0ZXIvc3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2RvbHBoaW5zY2hlZHVsZXIvc2VydmVyL21hc3Rlci9kaXNwYXRjaC9ob3N0L2Fzc2lnbi9SYW5kb21TZWxlY3Rvci5qYXZh) | `77.77% <0.00%> (-5.56%)` | :arrow_down: |
| [...ache/dolphinscheduler/plugin/task/dvc/DvcTask.java](https://codecov.io/gh/apache/dolphinscheduler/pull/11589/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-ZG9scGhpbnNjaGVkdWxlci10YXNrLXBsdWdpbi9kb2xwaGluc2NoZWR1bGVyLXRhc2stZHZjL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9kb2xwaGluc2NoZWR1bGVyL3BsdWdpbi90YXNrL2R2Yy9EdmNUYXNrLmphdmE=) | `67.16% <0.00%> (-5.42%)` | :arrow_down: |
| [...phinscheduler/plugin/task/pytorch/PytorchTask.java](https://codecov.io/gh/apache/dolphinscheduler/pull/11589/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-ZG9scGhpbnNjaGVkdWxlci10YXNrLXBsdWdpbi9kb2xwaGluc2NoZWR1bGVyLXRhc2stcHl0b3JjaC9zcmMvbWFpbi9qYXZhL29yZy9hcGFjaGUvZG9scGhpbnNjaGVkdWxlci9wbHVnaW4vdGFzay9weXRvcmNoL1B5dG9yY2hUYXNrLmphdmE=) | `49.01% <0.00%> (-5.33%)` | :arrow_down: |
| [...lphinscheduler/plugin/task/emr/EmrJobFlowTask.java](https://codecov.io/gh/apache/dolphinscheduler/pull/11589/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-ZG9scGhpbnNjaGVkdWxlci10YXNrLXBsdWdpbi9kb2xwaGluc2NoZWR1bGVyLXRhc2stZW1yL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9kb2xwaGluc2NoZWR1bGVyL3BsdWdpbi90YXNrL2Vtci9FbXJKb2JGbG93VGFzay5qYXZh) | `77.77% <0.00%> (-4.58%)` | :arrow_down: |
| ... and [87 more](https://codecov.io/gh/apache/dolphinscheduler/pull/11589/diff?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | |
:mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] rickchengx commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
rickchengx commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1250820539
Hi, @ruanwenjun , @EricGao888 , I've made changes to my PR as below:
1. Use `SensitiveDataConverter` to uniformly mask sensitive information in task logs.
2. Each task plugin can add its own regular match expressions to `SensitiveDataConverter` through `addMaskPattern()`. E.g., `Sqoop` task adds its own regular expression in `init()`:
```
SensitiveDataConverter.addMaskPattern(SqoopConstants.SQOOP_PASSWORD_REGEX);
```
This PR solves the problem of the mysql password in the sqoop task log. If others find that other task types will output sensitive information in the log, they only need to add their own regular expression through `addMaskPattern()` in the `init()` of the task plugin.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] rickchengx commented on a diff in pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
rickchengx commented on code in PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#discussion_r1028962143
##########
dolphinscheduler-task-plugin/dolphinscheduler-task-sqoop/pom.xml:
##########
@@ -48,5 +48,10 @@
<artifactId>dolphinscheduler-datasource-api</artifactId>
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.dolphinscheduler</groupId>
+ <artifactId>dolphinscheduler-service</artifactId>
+ <version>${project.version}</version>
+ </dependency>
Review Comment:
> Please remove this module in task-plugin.
Hi @caishunfeng , thanks for your comment.
This dependent is added in `dolphinscheudler-task-sqoop/pom.xml` since `sqoop` task needs to add its mask pattern through `SensitiveDataConverter.addMaskPattern()`, which is in `dolphinscheduler-service` module.
<img width="378" alt="截屏2022-11-22 15 32 05" src="https://user-images.githubusercontent.com/38122586/203252444-09914e7e-ffe1-4249-a3ed-4f55ab55547b.png">
Is your suggestion that we should move `SensitiveDataConverter` to another module? (maybe `dolphinscheduler-task-api`?)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] sonarcloud[bot] commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1292299103
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=11589)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [4 Code Smells](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list) [24.1% Coverage](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] rickchengx closed pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
rickchengx closed pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
URL: https://github.com/apache/dolphinscheduler/pull/11589
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] rickchengx commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
rickchengx commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1326001477
Hi, @caishunfeng , I've moved `SensitiveDataConverter` to `dolphinscheduler-common` module.
cc @zhongjiajie
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] sonarcloud[bot] commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1221992939
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=11589)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list) [17.4% Coverage](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] EricGao888 commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
EricGao888 commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1222025724
related: #10498
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] sonarcloud[bot] commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1292299296
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=11589)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [4 Code Smells](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list) [24.1% Coverage](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] sonarcloud[bot] commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1236587187
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=11589)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [2 Code Smells](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list) [0.0% Coverage](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] rickchengx commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
rickchengx commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1232746946
> This is a good feature. Could you please add a UT for it? Thanks.
Hi, @EricGao888, Sorry for the late response. I've added a UT.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] rickchengx commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
rickchengx commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1236633109
> May I ask whether we could do this with some other ways in `sqoop task plugin` instead of add a specific condition here for `sqoop`? ShellCommandExecutor is shared across different task plugins, it might not be a good practice and uneasy to maintain if we need to change it every time we need to mask something for a task plugin. The same for line 55-56.
Hi, @EricGao888. Thanks for your suggestions. I have moved the masking logic to a common util class.
There are 2 possible locations that the log may contain the sensitive data (e.g., password). Taking the sqoop task as an example:
1. The log output in the `buildCommand()` in `SqoopTask`.
2. The log output in the `createCommandFileIfNotExists(String execCommand, String commandFile)` in `ShellCommandExecutor`. We need to mask the sensitive data of `execCommand` here since the `execCommand` will be output in the log. But this class is shared by multiple task plugins and how to mask the sensitive data needs to be discussed.
As for me, there are 2 ways:
1. Use a common Utils class to mask the sensitive data of `execCommand` as below:
`SensitiveUtils.maskSensitiveForExecCommand(execCommand)`
So multiple task plugin (use ShellCommandExecutor) will use a comman method to mask the sensitive data of `execCommand`.
Note that the command after masking will only used to output in the log, so this method will not affect the actual command executed.
2. Refactor the `createCommandFileIfNotExists()` and add a param `String execCommandMasking`. Also `AbstractCommandExecutor.run(execCommand)` needs to be refactored to `AbstractCommandExecutor.run(execCommand, execCommandMasking)`.
By doing this, the process logic of how to mask the sensitive data can be done in each task plugin. But this will modify `AbstractCommandExecutor` and `ShellCommandExecutor`, and many task plugins need to be modified.
Currently, this PR uses the first way to mask the sensitive data. And I also sent a related discussion email to the mailing list.
So which way do you think is better? Or there are other better ways to do so.
Any comments or suggestions are welcome!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] sonarcloud[bot] commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1325998973
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=11589)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [6 Code Smells](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list) [66.7% Coverage](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] rickchengx commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
rickchengx commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1245186719
> We have use `SensitiveDataConverter` for the whole log to hide the password.
Hi, @ruanwenjun , It seems that there is a bug in `SensitiveDataConverter` which will be fixed in #11459
After #11459 is fixed, maybe we can add a pattern in `SensitiveDataConverter` to mask the password in `sqoop` task.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] caishunfeng commented on a diff in pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
caishunfeng commented on code in PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#discussion_r1028913897
##########
dolphinscheduler-task-plugin/dolphinscheduler-task-sqoop/pom.xml:
##########
@@ -48,5 +48,10 @@
<artifactId>dolphinscheduler-datasource-api</artifactId>
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.dolphinscheduler</groupId>
+ <artifactId>dolphinscheduler-service</artifactId>
+ <version>${project.version}</version>
+ </dependency>
Review Comment:
Please remove this module in task-plugin.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] sonarcloud[bot] commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1277113036
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=11589)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [1 Code Smell](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list) [38.5% Coverage](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] sonarcloud[bot] commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1236586344
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=11589)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [2 Code Smells](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list) [0.0% Coverage](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] rickchengx commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
rickchengx commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1240170876
> We have use `SensitiveDataConverter` for the whole log to hide the password.
Thanks for your suggestion! I'll look into it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] rickchengx commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
rickchengx commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1257321111
Still in progress, sth needs to be optimized
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] rickchengx commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
rickchengx commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1277175211
> 1. Use `SensitiveDataConverter` to uniformly mask sensitive information in task logs.
> 2. Each task plugin can add its own regular match expressions to `SensitiveDataConverter` through `addMaskPattern()`. E.g., `Sqoop` task adds its own regular expression in `init()`:
>
> ```
> SensitiveDataConverter.addMaskPattern(SqoopConstants.SQOOP_PASSWORD_REGEX);
> ```
>
> This PR solves the problem of the mysql password in the sqoop task log. If others find that other task types will output sensitive information in the log, they only need to add their own regular expression through `addMaskPattern()` in the `init()` of the task plugin.
Hi, @ruanwenjun , could you please help review this? I've rebased to remove conflicts.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] rickchengx commented on a diff in pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
rickchengx commented on code in PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#discussion_r1028973782
##########
dolphinscheduler-task-plugin/dolphinscheduler-task-sqoop/pom.xml:
##########
@@ -48,5 +48,10 @@
<artifactId>dolphinscheduler-datasource-api</artifactId>
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.dolphinscheduler</groupId>
+ <artifactId>dolphinscheduler-service</artifactId>
+ <version>${project.version}</version>
+ </dependency>
Review Comment:
> > Please remove this module in task-plugin.
>
> Hi @caishunfeng , thanks for your comment.
>
> This dependent is added in `dolphinscheudler-task-sqoop/pom.xml` since `sqoop` task needs to add its mask pattern through `SensitiveDataConverter.addMaskPattern()`, which is in `dolphinscheduler-service` module.
>
> <img alt="截屏2022-11-22 15 32 05" width="378" src="https://user-images.githubusercontent.com/38122586/203252444-09914e7e-ffe1-4249-a3ed-4f55ab55547b.png">
>
> Is your suggestion that we should move `SensitiveDataConverter` to another module? (maybe `dolphinscheduler-task-api`?)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] sonarcloud[bot] commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1325998395
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=11589)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [6 Code Smells](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list) [66.7% Coverage](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] rickchengx commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
rickchengx commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1305044637
> Hi, @ruanwenjun , @EricGao888 , I've made changes to my PR as below:
>
> 1. Use `SensitiveDataConverter` to uniformly mask sensitive information in task logs.
> 2. Each task plugin can add its own regular match expressions to `SensitiveDataConverter` through `addMaskPattern()`. E.g., `Sqoop` task adds its own regular expression in `init()`:
>
> ```
> SensitiveDataConverter.addMaskPattern(SqoopConstants.SQOOP_PASSWORD_REGEX);
> ```
>
> This PR solves the problem of the mysql password in the sqoop task log. If others find that other task types will output sensitive information in the log, they only need to add their own regular expression through `addMaskPattern()` in the `init()` of the task plugin.
Hi, @EricGao888 @caishunfeng , could you please help review this?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] EricGao888 commented on a diff in pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
EricGao888 commented on code in PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#discussion_r962136036
##########
dolphinscheduler-task-plugin/dolphinscheduler-task-sqoop/src/test/java/org/apache/dolphinscheduler/plugin/task/sqoop/SqoopTaskTest.java:
##########
@@ -0,0 +1,37 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.dolphinscheduler.plugin.task.sqoop;
+
+import org.apache.dolphinscheduler.spi.utils.StringUtils;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+public class SqoopTaskTest {
+
+ @Test
+ public void testMaskPassword() {
+ String script =
+ "sqoop import -D mapred.job.name=sqoop_task -m 1 --connect \"jdbc:mysql://localhost:3306/defuault\" --username root --password \"mypassword\" --table student --target-dir /sqoop_test --as-textfile";
+ String scriptPasswordMasking =
Review Comment:
```suggestion
final String scriptPasswordMasking =
```
##########
dolphinscheduler-task-plugin/dolphinscheduler-task-sqoop/src/test/java/org/apache/dolphinscheduler/plugin/task/sqoop/SqoopTaskTest.java:
##########
@@ -0,0 +1,37 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.dolphinscheduler.plugin.task.sqoop;
+
+import org.apache.dolphinscheduler.spi.utils.StringUtils;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+public class SqoopTaskTest {
+
+ @Test
+ public void testMaskPassword() {
+ String script =
Review Comment:
```suggestion
final String script =
```
##########
dolphinscheduler-spi/src/main/java/org/apache/dolphinscheduler/spi/utils/StringUtils.java:
##########
@@ -282,10 +284,17 @@ public static String replaceDoubleBrackets(String mainParameter) {
mainParameter = mainParameter
.replace(Constants.DOUBLE_BRACKETS_LEFT, Constants.DOUBLE_BRACKETS_LEFT_SPACE)
.replace(Constants.DOUBLE_BRACKETS_RIGHT, Constants.DOUBLE_BRACKETS_RIGHT_SPACE);
- if (mainParameter.contains(Constants.DOUBLE_BRACKETS_LEFT) || mainParameter.contains(Constants.DOUBLE_BRACKETS_RIGHT)) {
+ if (mainParameter.contains(Constants.DOUBLE_BRACKETS_LEFT)
+ || mainParameter.contains(Constants.DOUBLE_BRACKETS_RIGHT)) {
return replaceDoubleBrackets(mainParameter);
} else {
- return mainParameter;
+ return mainParameter;
}
}
+
+ public static String maskPassword(String originalString, String passwordRegex, String maskString) {
Review Comment:
```suggestion
public static String maskPassword(final String originalString, final String passwordRegex, final String maskString) {
```
##########
dolphinscheduler-task-plugin/dolphinscheduler-task-api/src/main/java/org/apache/dolphinscheduler/plugin/task/api/ShellCommandExecutor.java:
##########
@@ -112,6 +118,10 @@ protected void createCommandFileIfNotExists(String execCommand, String commandFi
}
}
}
+
+ if (execCommand.startsWith("sqoop")) {
Review Comment:
May I ask whether we could do this with some other ways in `sqoop task plugin` instead of add a specific condition here for `sqoop`? ShellCommandExecutor is shared across different task plugins, it might not be a good practice and uneasy to maintain if we need to change it every time we need to mask something for a task plugin. The same for line 55-56.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] zhongjiajie commented on a diff in pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
zhongjiajie commented on code in PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#discussion_r1028898804
##########
dolphinscheduler-task-plugin/dolphinscheduler-task-sqoop/pom.xml:
##########
@@ -48,5 +48,10 @@
<artifactId>dolphinscheduler-datasource-api</artifactId>
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.dolphinscheduler</groupId>
+ <artifactId>dolphinscheduler-service</artifactId>
+ <version>${project.version}</version>
+ </dependency>
Review Comment:
I am not sure wether we should dependent `dolphinscheduler-service` in task plugin or not
##########
dolphinscheduler-task-plugin/dolphinscheduler-task-sqoop/pom.xml:
##########
@@ -48,5 +48,10 @@
<artifactId>dolphinscheduler-datasource-api</artifactId>
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.dolphinscheduler</groupId>
+ <artifactId>dolphinscheduler-service</artifactId>
+ <version>${project.version}</version>
+ </dependency>
Review Comment:
Do you have time to take a look @caishunfeng @ruanwenjun
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] rickchengx commented on a diff in pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
rickchengx commented on code in PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#discussion_r1028923391
##########
dolphinscheduler-task-plugin/dolphinscheduler-task-sqoop/pom.xml:
##########
@@ -48,5 +48,10 @@
<artifactId>dolphinscheduler-datasource-api</artifactId>
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.dolphinscheduler</groupId>
+ <artifactId>dolphinscheduler-service</artifactId>
+ <version>${project.version}</version>
+ </dependency>
Review Comment:
> I am not sure wether we should dependent `dolphinscheduler-service` in task plugin or not
> Do you have time to take a look @caishunfeng @ruanwenjun
Hi @zhongjiajie Thanks a lot for your review and comment.
I add this dependent since `sqoop` task plugin needs to add its own mask pattern to `SensitiveDataConverter`.
Maybe we should discuss whether it is appropriate to do so.
cc @caishunfeng @ruanwenjun
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] rickchengx commented on a diff in pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
rickchengx commented on code in PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#discussion_r1028962143
##########
dolphinscheduler-task-plugin/dolphinscheduler-task-sqoop/pom.xml:
##########
@@ -48,5 +48,10 @@
<artifactId>dolphinscheduler-datasource-api</artifactId>
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.dolphinscheduler</groupId>
+ <artifactId>dolphinscheduler-service</artifactId>
+ <version>${project.version}</version>
+ </dependency>
Review Comment:
> Please remove this module in task-plugin.
Hi @caishunfeng , thanks for your comment.
This dependent is added in `dolphinscheudler-task-sqoop/pom.xml` since `sqoop` task needs to add its mask pattern through `SensitiveDataConverter.addMaskPattern()`, which is in `sdolphinscheduler-service` module.
<img width="378" alt="截屏2022-11-22 15 32 05" src="https://user-images.githubusercontent.com/38122586/203252444-09914e7e-ffe1-4249-a3ed-4f55ab55547b.png">
Is your suggestion that we should move `SensitiveDataConverter` to another module? (maybe `dolphinscheduler-task-api`?)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] sonarcloud[bot] commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1250872246
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=11589)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [1 Code Smell](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list) [0.0% Coverage](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] ruanwenjun commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
ruanwenjun commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1239342287
We have use `SensitiveDataConverter` for the whole log to hide the password.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] sonarcloud[bot] commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1233670658
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=11589)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list) [19.0% Coverage](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] sonarcloud[bot] commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1233672263
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=11589)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list) [18.2% Coverage](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] EricGao888 commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
EricGao888 commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1225587341
This is a good feature. Could you please add a UT for it? Thanks.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] sonarcloud[bot] commented on pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#issuecomment-1250870532
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=11589)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL) [1 Code Smell](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=11589&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list) [7.1% Coverage](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=11589&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] caishunfeng commented on a diff in pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
caishunfeng commented on code in PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#discussion_r1028912061
##########
dolphinscheduler-task-plugin/dolphinscheduler-task-sqoop/pom.xml:
##########
@@ -48,5 +48,10 @@
<artifactId>dolphinscheduler-datasource-api</artifactId>
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.dolphinscheduler</groupId>
+ <artifactId>dolphinscheduler-service</artifactId>
+ <version>${project.version}</version>
+ </dependency>
Review Comment:
> I am not sure wether we should dependent `dolphinscheduler-service` in task plugin or not
We should not add the service module in task-plugin, they are independent.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] caishunfeng commented on a diff in pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
caishunfeng commented on code in PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#discussion_r1030228512
##########
dolphinscheduler-task-plugin/dolphinscheduler-task-sqoop/pom.xml:
##########
@@ -48,5 +48,10 @@
<artifactId>dolphinscheduler-datasource-api</artifactId>
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.dolphinscheduler</groupId>
+ <artifactId>dolphinscheduler-service</artifactId>
+ <version>${project.version}</version>
+ </dependency>
Review Comment:
>Is your suggestion that we should move SensitiveDataConverter to another module? (maybe dolphinscheduler-task-api?)
Yes, is it better to move it inito common module? WDYT?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] rickchengx commented on a diff in pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
rickchengx commented on code in PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589#discussion_r1030261179
##########
dolphinscheduler-task-plugin/dolphinscheduler-task-sqoop/pom.xml:
##########
@@ -48,5 +48,10 @@
<artifactId>dolphinscheduler-datasource-api</artifactId>
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.dolphinscheduler</groupId>
+ <artifactId>dolphinscheduler-service</artifactId>
+ <version>${project.version}</version>
+ </dependency>
Review Comment:
> > Is your suggestion that we should move SensitiveDataConverter to another module? (maybe dolphinscheduler-task-api?)
>
> Yes, is it better to move it inito common module? WDYT?
Sure, thanks for your suggestion, I'll look into it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [dolphinscheduler] caishunfeng merged pull request #11589: [Feature-10498] Mask the password in the log of sqoop task
Posted by GitBox <gi...@apache.org>.
caishunfeng merged PR #11589:
URL: https://github.com/apache/dolphinscheduler/pull/11589
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org