basic auth credential leaks in both logs and metric labels

[phsiao]

If you configure basic auth credential to auth with your ES cluster, the credential is in clear text in both the logs and metrics labels.

[zwopir]

Hi @philhoer1 ,

can you specify which version you're using? if it's the latest stable, it's a bug. Please provide a redacted log extract to help debugging.

If the version is older than the latest stable, please update. There have been some bug fixes in the past regarding leaded credentials to the logging

[phsiao]

I am running justwatch/elasticsearch_exporter:1.1.0rc1. Let me check what happen in the latest stable and report back.

Thanks.

[phsiao]

Confirmed it is redacted in the log, and completed removed in the metric labels. Sorry for not checking newer version first.

Closing.

[phsiao]

Find one case, and reported in #299.