premkamal23 opened a new pull request, #12481: URL: https://github.com/apache/kafka/pull/12481
[KAFKA-14115] Password configs are logged in plaintext in KRaft While updating the config for a broker ConfigurationControlManager is logging sensitive config values (listener.name.external.ssl.key.password). ConfigResource(type=BROKER, name='1'): set configuration listener.name.external.ssl.key.password to bar We need to redact these values the same as BrokerMetadataPublisher Updating broker 1 with new configuration : listener.name.external.ssl.key.password -> [hidden] Changes: updated isSensitive method to check if the config name contains the string password and used the same while logging config values. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org