[jira] [Created] (FLINK-20055) Datadog API Key exposed in Flink JobManager logs

Florian Szabo (Jira) Sun, 08 Nov 2020 23:57:19 -0800

Florian Szabo created FLINK-20055:
-------------------------------------

             Summary: Datadog API Key exposed in Flink JobManager logs
                 Key: FLINK-20055
                 URL: https://issues.apache.org/jira/browse/FLINK-20055
             Project: Flink
          Issue Type: Improvement
          Components: Runtime / Configuration
    Affects Versions: 1.11.2, 1.9.1
            Reporter: Florian Szabo



When Flink is set up to report metrics to Datadog, the JobManager log containe 
the Datadog API key in plain format. In fact it shows up in two different 
places:
{code:java}
2020-08-03 09:03:19,400 INFO  
org.apache.flink.configuration.GlobalConfiguration            - Loading 
configuration property: metrics.reporter.dghttp.apikey, <REDACTED-KEY>
...
2020-08-03 09:03:20,437 INFO  org.apache.flink.runtime.metrics.ReporterSetup    
            - Configuring dghttp with {apikey=<REDACTED-KEY>, 
tags=<...>,profile:<...>,region:<...>,env:<...>, 
class=org.apache.flink.metrics.datadog.DatadogHttpReporter}.
{code}
The expected behavior here should be that the API key in both places is hidden 
so that it does not end up in places where it should not be.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (FLINK-20055) Datadog API Key exposed in Flink JobManager logs

Reply via email to