Elasticsearch authentication credentials can leak into rally.log when using the --kill-running-processes CLI argument and there is a running process to kill. Rally should not leak basic authentication credentials or API keys to rally.log.
2024-06-27 09:54:12,866 -not-actor-/PID:1698183 esrally.utils.process INFO Killing lingering process with PID [1696855] and command line [['/home/user/.conda/envs/rally/bin/python', '/home/user/.conda/envs/rally/bin/esrally', 'race', '--track-path=.', '--pipeline=benchmark-only', '--target-hosts=https://10.13.31.10:9200', "--client-options=basic_auth_user:'elastic',basic_auth_password:'TheLeakedPassword',use_ssl:true,verify_certs:false,timeout:60", '--kill-running-processes']].
Elasticsearch authentication credentials can leak into rally.log when using the
--kill-running-processes
CLI argument and there is a running process to kill. Rally should not leak basic authentication credentials or API keys to rally.log.Problem code line
Example log