remove sensitive catalog properties in getTable #1860
Conversation
fluss-server/src/main/java/org/apache/fluss/server/coordinator/MetadataManager.java
Outdated
Show resolved
Hide resolved
fluss-server/src/main/java/org/apache/fluss/server/coordinator/MetadataManager.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Pull Request Overview
This PR adds filtering of sensitive catalog properties (passwords, secrets, keys) from table metadata returned to clients. The implementation prevents exposure of sensitive configuration data when retrieving table information.
- Added a
removeSensitiveCatalogPropertiesmethod to filter out sensitive properties before returning table info - Defined a static set of sensitive property keywords ("password", "secret", "key")
- Integrated the filtering into the
getTablemethod to sanitize lake catalog options
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| fluss-server/src/main/java/org/apache/fluss/server/coordinator/MetadataManager.java | Added sensitive property filtering logic and applied it to the getTable method |
| fluss-client/src/test/java/org/apache/fluss/client/admin/FlussAdminITCase.java | Added test case to verify password property is filtered out while non-sensitive properties remain |
| fluss-client/src/test/java/org/apache/fluss/client/admin/ClientToServerITCaseBase.java | Added test configuration with sensitive jdbc credentials for testing |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
fluss-server/src/main/java/org/apache/fluss/server/coordinator/MetadataManager.java
Show resolved
Hide resolved
fluss-server/src/main/java/org/apache/fluss/server/coordinator/MetadataManager.java
Show resolved
Hide resolved
| private final int maxBucketNum; | ||
| private final LakeCatalogDynamicLoader lakeCatalogDynamicLoader; | ||
|
|
||
| public static final Set<String> SENSITIVE_TABLE_OPTIOINS = new HashSet<>(); |
There was a problem hiding this comment.
The SENSITIVE_CATALOG_PROPERTIES set is not immutable despite being a public static final field. Consider using Collections.unmodifiableSet() or Java 9+ Set.of() to create a truly immutable set, preventing external modification.
|
Hi @luoyuxia comments addresses. Please take a look. |
| return; | ||
| } | ||
|
|
||
| Iterator<Map.Entry<String, String>> iterator = tableLakeOptions.entrySet().iterator(); |
There was a problem hiding this comment.
for (String sensitiveKey : SENSITIVE_CATALOG_PROPERTIES) {
tableLakeOptions.remove(sensitiveKey);
}
Will it be more efficient or simple for iter table option consider table optio?
There was a problem hiding this comment.
It's a fuzzy string matching between tableLakeOptions's key and sensitiveKey. I'm afraid we are not able to do that.
2 participants
Purpose
Linked issue: close #1904
Brief change log
Tests
API and Format
Documentation