You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@flink.apache.org by ch...@apache.org on 2018/04/25 07:32:22 UTC
[08/10] flink git commit: [FLINK-9100][core] Hide configured value
for "password"/"secret"
[FLINK-9100][core] Hide configured value for "password"/"secret"
This closes #9100.
Project: http://git-wip-us.apache.org/repos/asf/flink/repo
Commit: http://git-wip-us.apache.org/repos/asf/flink/commit/1a9675d5
Tree: http://git-wip-us.apache.org/repos/asf/flink/tree/1a9675d5
Diff: http://git-wip-us.apache.org/repos/asf/flink/diff/1a9675d5
Branch: refs/heads/master
Commit: 1a9675d54fda7c6d7c519935dde05f47eb449401
Parents: aa4bdc0
Author: sihuazhou <su...@163.com>
Authored: Tue Apr 24 13:39:11 2018 +0200
Committer: zentol <ch...@apache.org>
Committed: Tue Apr 24 13:41:43 2018 +0200
----------------------------------------------------------------------
.../configuration/GlobalConfiguration.java | 24 +++++++++++++++++++-
.../configuration/GlobalConfigurationTest.java | 10 ++++++++
2 files changed, 33 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/flink/blob/1a9675d5/flink-core/src/main/java/org/apache/flink/configuration/GlobalConfiguration.java
----------------------------------------------------------------------
diff --git a/flink-core/src/main/java/org/apache/flink/configuration/GlobalConfiguration.java b/flink-core/src/main/java/org/apache/flink/configuration/GlobalConfiguration.java
index 2f2a9cf..fd7d441 100644
--- a/flink-core/src/main/java/org/apache/flink/configuration/GlobalConfiguration.java
+++ b/flink-core/src/main/java/org/apache/flink/configuration/GlobalConfiguration.java
@@ -19,6 +19,7 @@
package org.apache.flink.configuration;
import org.apache.flink.annotation.Internal;
+import org.apache.flink.util.Preconditions;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -42,6 +43,11 @@ public final class GlobalConfiguration {
public static final String FLINK_CONF_FILENAME = "flink-conf.yaml";
+ // the keys whose values should be hidden
+ private static final String[] SENSITIVE_KEYS = new String[] {"password", "secret"};
+
+ // the hidden content to be displayed
+ public static final String HIDDEN_CONTENT = "******";
// --------------------------------------------------------------------------------------------
@@ -183,7 +189,7 @@ public final class GlobalConfiguration {
continue;
}
- LOG.info("Loading configuration property: {}, {}", key, value);
+ LOG.info("Loading configuration property: {}, {}", key, isSensitive(key) ? HIDDEN_CONTENT : value);
config.setString(key, value);
}
}
@@ -194,4 +200,20 @@ public final class GlobalConfiguration {
return config;
}
+ /**
+ * Check whether the key is a hidden key.
+ *
+ * @param key the config key
+ */
+ public static boolean isSensitive(String key) {
+ Preconditions.checkNotNull(key, "key is null");
+ final String keyInLower = key.toLowerCase();
+ for (String hideKey : SENSITIVE_KEYS) {
+ if (keyInLower.length() >= hideKey.length()
+ && keyInLower.contains(hideKey)) {
+ return true;
+ }
+ }
+ return false;
+ }
}
http://git-wip-us.apache.org/repos/asf/flink/blob/1a9675d5/flink-core/src/test/java/org/apache/flink/configuration/GlobalConfigurationTest.java
----------------------------------------------------------------------
diff --git a/flink-core/src/test/java/org/apache/flink/configuration/GlobalConfigurationTest.java b/flink-core/src/test/java/org/apache/flink/configuration/GlobalConfigurationTest.java
index c5d2e62..a42564d 100644
--- a/flink-core/src/test/java/org/apache/flink/configuration/GlobalConfigurationTest.java
+++ b/flink-core/src/test/java/org/apache/flink/configuration/GlobalConfigurationTest.java
@@ -31,7 +31,9 @@ import java.io.PrintWriter;
import java.util.UUID;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
/**
* This class contains tests for the global configuration (parsing configuration directory information).
@@ -120,4 +122,12 @@ public class GlobalConfigurationTest extends TestLogger {
assertNotNull(GlobalConfiguration.loadConfiguration(tempFolder.getRoot().getAbsolutePath()));
}
+ @Test
+ public void testHiddenKey() {
+ assertTrue(GlobalConfiguration.isSensitive("password123"));
+ assertTrue(GlobalConfiguration.isSensitive("123pasSword"));
+ assertTrue(GlobalConfiguration.isSensitive("PasSword"));
+ assertTrue(GlobalConfiguration.isSensitive("Secret"));
+ assertFalse(GlobalConfiguration.isSensitive("Hello"));
+ }
}