Description
What did you do?
I set DATA_SOURCE_NAME with connection string providing user name and password as url parameters.
This is the format of my connection DATA_SOURCE_NAME string:
postgresql://:/?user=&password=
I populated the user and password parameters with invalid credentials. Bad password, etc.
Then I ran postgres_exporter application and loaded my 0.0.0.0/metrics endpoint
What did you expect to see?
In my logging output, I expected to see "PASSWORD REMOVED" in message text.
What did you see instead? Under which circumstances?
Instead the full password is logged.
I can work around this issue by changing my connection string to be formatted as
postgresql://:@:/
but it seems like loggableDSN() function should handle this condition as well.
-
System information:
Darwin 21.4.0 arm64
-
postgres_exporter version:
version 0.10.1
-
postgres_exporter flags:
--web.listen-address=":8080"