litiliu commented on code in PR #3486:
URL: https://github.com/apache/fluss/pull/3486#discussion_r3479311915
##########
fluss-common/src/main/java/org/apache/fluss/config/ConfigurationUtils.java:
##########
@@ -38,6 +38,25 @@
/** Utility class for {@link Configuration} related helper functions. */
public class ConfigurationUtils {
+
+ private static final String[] SENSITIVE_KEY_PARTS = {
Review Comment:
Good point. I agree it is worth unifying the S3 credential detection, but I
would prefer to handle that in #3526 or a focused follow-up.
The matching in this PR is intentionally generic and conservative for log
redaction, following Flink-style sensitive-key substring matching. The #3526
logic is S3-specific and should probably use a more precise matcher for
supported S3 config prefixes/suffixes, such as `s3.`, `s3a.`, `fs.s3a.` plus
credential-bearing suffixes.
I will keep this PR scoped to the generic redaction path and avoid folding a
filesystem config refactor into it. We can extract a shared S3 credential
matcher separately so #3526 and the S3 filesystem code do not drift.
What do you think?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]