delei commented on issue #16698:
URL:
https://github.com/apache/dolphinscheduler/issues/16698#issuecomment-3026920660
Hi, @SbloodyS .I encountered the same problem,please refer to this and see
if it is helpful to you.
## Version
3.2.0
## Solution
I achieved this by customizing the source code.
- add a new pattern to `SensitiveDataConverter`
```java
private static final Pattern VAR_POOL_PATTERN =
Pattern.compile("(?s)(\\{[^}]*(\"|\\\\\")prop(\"|\\\\\")\\s*:\\s*(\"|\\\\\")[^(\"|\\\\\")]*(?i:password)[^(\"|\\\\\")]*(\"|\\\\\")[^}]*(\"|\\\\\")value(\"|\\\\\")\\s*:\\s*(\"|\\\\\"))([^(\"|\\\\\")]*)((\"|\\\\\")[^}]*)");
```
- modify the logic of method `maskSensitiveData()`,use this new pattern for
matching and filtering.replace with `******`
```java
public static String maskSensitiveData(final String logMsg) {
// ... original code
return replaceVarPoolSensitiveData(sb.toString());
}
public static String replaceVarPoolSensitiveData(String jsonString) {
Matcher matcher = VAR_POOL_PATTERN.matcher(jsonString);
return matcher.replaceAll("$1******$3");
}
```
## Example
The content in the log:
### prepareParamsMap
```json
"prepareParamsMap" : {
"DB_PASSWORD" : {
"prop" : "DB_PASSWORD",
"direct" : "IN",
"type" : "VARCHAR",
"value" : "******"
},
"password" : {
"prop" : "password",
"direct" : "IN",
"type" : "VARCHAR",
"value" : "******"
},
"system.project.code" : {
"prop" : "system.project.code",
"direct" : "IN",
"type" : "VARCHAR",
"value" : "11455319998912"
}
}
```
### varPool
```json
"varPool" :
"[{\"prop\":\"DB_PASSWORD\",\"direct\":\"IN\",\"type\":\"VARCHAR\",\"value\":\"******\"},{\"prop\":\"password\",\"direct\":\"IN\",\"type\":\"VARCHAR\",\"value\":\"******\"},{\"prop\":\"DB_USER\",\"direct\":\"IN\",\"type\":\"VARCHAR\",\"value\":\"test_user\"}]",
```
### Set taskVarPool
```shell
[INFO] 2025-07-02 15:44:46.152 +0800 - Set taskVarPool:
[{"prop":"DB_PASSWORD","direct":"IN","type":"VARCHAR","value":"******"},{"prop":"password","direct":"IN","type":"VARCHAR","value":"******"},{"prop":"DB_USER","direct":"IN","type":"VARCHAR","value":"test_user"}]
successfully
```
## Notes
- This may not be the best solution.
- Does not affect the default pattern.
- I only tested two task types: `shell` and `datax`.
- It is recommended to adjust the expression to better comply with parameter
naming conventions.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]