完整的 debezium mysql uri 字符串显示在指标中。它以明文形式显示mysql用户和密码,这是不安全的。如何禁用此功能?我遵循了这个设置here
更多信息:
使用 quarkus 1.11.1.Final 使用 camel 3.7.0 with debezium-connector-mysql 1.3.1.Final
这是骆驼路线
from("debezium-mysql:" + config.getConnectorName()
+ "?databaseHostname=" + config.getHost()
+ "&databasePort=" + config.getPort()
+ "&databaseUser=" + config.getUser()
+ "&databasePassword=" + config.getPassword()
+ "&databaseServerName=" + config.getDatabaseServerName()
+ "&databaseServerId=" + config.getDatabaseServerId()
+ "&databaseIncludeList=" + config.getDatabases()
+ "&tableIncludeList=" + config.getTables()
+ "&columnIncludeList=" + config.getColumns()
+ "&databaseHistoryFileFilename=" + config.getHistoryFile()
+ "&offsetStorageFileName=" + config.getStorageFile()
+ "&exchangePattern=InOnly")
.routeId("debezium")
.process(outgoingProcessor)
.marshal().json(JsonLibrary.Jackson)
.to(ExchangePattern.InOnly, outgoingUri)
.to("micrometer:counter:outgoing.counter")
.end();
当访问 /q/metrics 的指标时,我找到了这个条目
# HELP CamelExchangeEventNotifier_seconds_max
# TYPE CamelExchangeEventNotifier_seconds_max gauge
CamelExchangeEventNotifier_seconds_max{camelContext="camel-1",endpointName="debezium-mysql://entire connection string here with user and password",eventType="ExchangeCompletedEvent",failed="false",serviceName="MicrometerEventNotifierService",} 0.0
答案 0 :(得分:1)
谢谢你提出这个问题。我已经创建了一个 JIRA 票来在即将发布的 Camel 版本中解决这个问题,以掩盖指标中这些事件中的敏感数据