Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

changefeedccl: more redactions in changefeed job description #75174

Merged
merged 1 commit into from Jan 20, 2022
Merged

changefeedccl: more redactions in changefeed job description #75174

merged 1 commit into from Jan 20, 2022

Conversation

HonoreDB
Copy link
Contributor

Expands the denylist for what in the sink URI gets shown in the
job description to redact ca_cert and client_cert.
Also redacts everything before an @ symbol in the host as that
can be a user credential.

Release note (enterprise change): Redacted more potentially-sensitive URI elements from changefeed job descriptions. This is a breaking change for workflows involving copying URIs. As an alternative, the unredacted URI may be accessed from the jobs table directly.

@HonoreDB HonoreDB requested a review from dt January 19, 2022 21:33
@HonoreDB HonoreDB requested a review from a team as a code owner January 19, 2022 21:33
@HonoreDB HonoreDB requested review from miretskiy and removed request for a team January 19, 2022 21:33
@cockroach-teamcity
Copy link
Member

This change is Reviewable

@HonoreDB
Copy link
Contributor Author

image

@HonoreDB HonoreDB added the backport-21.2.x 21.2 is EOL label Jan 19, 2022
@HonoreDB
changefeedccl: more redactions in changefeed job description
4852af4 
Expands the denylist for what in the sink URI gets shown in the
job description to redact ca_cert and client_cert.
Also redacts everything before an `@` symbol in the host as that
can be a user credential.

Release note (enterprise change): Redacted more potentially-sensitive URI elements from changefeed job descriptions. This is a breaking change for workflows involving copying URIs. As an alternative, the unredacted URI may be accessed from the jobs table directly.
@HonoreDB
Copy link
Contributor Author

bors r=[dt]

@craig
Copy link
Contributor

craig bot commented Jan 20, 2022

Build succeeded:

@craig craig bot merged commit 0907be1 into cockroachdb:master Jan 20, 2022
@blathers-crl blathers-crl bot mentioned this pull request Jan 20, 2022
Merged
@cockroach-teamcity cockroach-teamcity mentioned this pull request Jan 20, 2022
Closed
@HonoreDB HonoreDB mentioned this pull request Feb 1, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dt dt dt approved these changes

@miretskiy miretskiy Awaiting requested review from miretskiy miretskiy is a code owner automatically assigned from cockroachdb/cdc-prs

Assignees
No one assigned
Labels
backport-21.2.x 21.2 is EOL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@HonoreDB @cockroach-teamcity @dt