[Feature-17398][Task] Avoid leaking sensitive Dinky task logs#18397
[Feature-17398][Task] Avoid leaking sensitive Dinky task logs#18397qiuyanjun888 wants to merge 3 commits into
Conversation
| private static final String KNOWN_SENSITIVE_CONFIGURATION_KEY_REGEX = | ||
| "(?:password|access[._-]?key(?:[._-]?(?:id|secret))?|secret[._-]?access[._-]?key|secret[._-]?key)"; | ||
|
|
||
| private static final Pattern QUOTED_SENSITIVE_CONFIGURATION_PATTERN = Pattern.compile( |
There was a problem hiding this comment.
.*? does not distinguish an escaped quote from the actual string terminator.
eg, given valid JSON:
{"password":"abc\"VISIBLE_SUFFIX","bucket":"ds"}
result output:
{"password":"******\"VISIBLE_SUFFIX","bucket":"ds"}
| result = mapper.readTree(res); | ||
| } catch (JsonProcessingException e) { | ||
| log.error("dinky task submit failed with error", e); | ||
| log.error("dinky task response parse failed, responseLength: {}, errorType: {}", |
There was a problem hiding this comment.
The parse error should fail explicitly.
There was a problem hiding this comment.
Fixed by throwing DinkyTaskException when the Dinky response cannot be parsed. The exception only includes the response length and parser exception type, and the regression test verifies explicit failure without exposing sensitive response values.
Verification: ./mvnw -pl dolphinscheduler-task-plugin/dolphinscheduler-task-dinky -Dtest='DinkyLogSanitizerTest#testParseMalformedResponseFailsExplicitlyWithoutExposingRawResponse' clean test passed.
| } | ||
|
|
||
| @Test | ||
| void testParseMalformedResponseReturnsNullWithoutExposingRawResponse() throws Exception { |
There was a problem hiding this comment.
This only asserts that the return value is null; it does not capture or inspect any log event. The test would also pass with the old implementation even if the raw response were written through the exception log.
Was this PR generated or assisted by AI?
YES. This pull request was assisted by Hermes Agent / OpenAI Codex for code changes, focused tests, documentation updates, and local verification. The scope and final submission were directed by the contributor.
Purpose of the pull request
Fix #17398.
Avoid leaking sensitive Dinky task information in task logs.
This pull request supersedes #18395, which was closed because the original description did not include the AI-assistance declaration required by the current pull request template.
Brief change log
SensitiveDataConvertercoverage for common sensitive key/value formats.Verify this pull request
This change added tests and can be verified as follows:
./mvnw -pl dolphinscheduler-task-plugin/dolphinscheduler-task-api,dolphinscheduler-task-plugin/dolphinscheduler-task-dinky -am -DskipUT=false -DskipITs -DskipE2E -Dcheckstyle.skip -Dspotless.check.skip -Djacoco.skip=true -Dsurefire.failIfNoSpecifiedTests=false -Dtest=SensitiveDataConverterTest,DinkyLogSanitizerTest test./mvnw -pl dolphinscheduler-task-plugin/dolphinscheduler-task-api,dolphinscheduler-task-plugin/dolphinscheduler-task-dinky -am spotless:applygit diff --checkPull Request Notice
Pull Request Notice