[
https://issues.apache.org/jira/browse/FLINK-20055?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17228423#comment-17228423
]
Florian Szabo commented on FLINK-20055:
---
It seems that the *ReporterSetup* has been refactored since 1.9.1 so that
message would not show up in logs of the latest release.
> Datadog API Key exposed in Flink JobManager logs
>
>
> Key: FLINK-20055
> URL: https://issues.apache.org/jira/browse/FLINK-20055
> Project: Flink
> Issue Type: Improvement
> Components: Runtime / Configuration
>Affects Versions: 1.9.1, 1.11.2
>Reporter: Florian Szabo
>Priority: Major
>
> When Flink is set up to report metrics to Datadog, the JobManager log
> containe the Datadog API key in plain format. In fact it shows up in two
> different places:
> {code:java}
> 2020-08-03 09:03:19,400 INFO
> org.apache.flink.configuration.GlobalConfiguration- Loading
> configuration property: metrics.reporter.dghttp.apikey,
> ...
> 2020-08-03 09:03:20,437 INFO org.apache.flink.runtime.metrics.ReporterSetup
> - Configuring dghttp with {apikey=,
> tags=<...>,profile:<...>,region:<...>,env:<...>,
> class=org.apache.flink.metrics.datadog.DatadogHttpReporter}.
> {code}
> The expected behavior here should be that the API key in both places is
> hidden so that it does not end up in places where it should not be.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
