Closed kevinwallimann closed 3 years ago
Is this a log in Abris? Or who is printing this?
I took the screenshot from the SQL tab of a streaming query in spark history. It's not a direct log in Abris, but I suspect that it's the default toString
implementation of FromAvroConfig
or sth like that
Currently, schema registry credentials can be leaked in the spark plan, like this
Obviously, this is a security risk.
The values of the specific keys containing passwords should be redacted, namely
schema.registry.basic.auth.user.info
,basic.auth.user.info
, andbearer.auth.token
. Another option is not to print the whole schema registry conf at all since arguably the schema registry config is not relevant for the analysis of the spark plan