SAMZA-589; sanitize sensitive data beore displaying configs to UI

build.gradle

@@ -56,6 +56,7 @@ rat {
     '**/.git/**',
     '**/.gitignore',
     '**/.gradle/**',
+    '**/.idea/**',
     '**/.project',
     '**/.settings/**',
     '**/.DS_Store/**',

docs/learn/documentation/versioned/jobs/configuration.md

@@ -58,6 +58,9 @@ Configuration keys that absolutely must be defined for a Samza job are:
 
 ### Configuration Keys
 
-A complete list of configuration keys can be found on the [Configuration Table](configuration-table.html) page.
+A complete list of configuration keys can be found on the [Configuration Table](configuration-table.html) page.  Note
+that configuration keys prefixed with "sensitive." are treated specially, in that the values associated with such keys
+will be masked in logs and Samza's YARN ApplicationMaster UI.  This is to prevent accidental disclosure only; no
+encryption is done.
 
 ## [Packaging »](packaging.html)

samza-api/src/main/java/org/apache/samza/config/Config.java

@@ -33,6 +33,9 @@
  * Store and retrieve named, typed values as configuration for classes implementing this interface.
  */
 public abstract class Config implements Map<String, String> {
+  public static final String SENSITIVE_PREFIX = "sensitive.";
+  public static final String SENSITIVE_MASK = "********";
+
   public Config subset(String prefix) {
     return subset(prefix, true);
   }
@@ -221,6 +224,8 @@ public Date getDate(String k, SimpleDateFormat format, Date defaultValue) {
     }
   }
 
+  public abstract Config sanitize();
+
   public void clear() {
     throw new ConfigException("Config is immutable.");
   }

samza-api/src/main/java/org/apache/samza/config/MapConfig.java

@@ -31,11 +31,11 @@
  */
 public class MapConfig extends Config {
   private final Map<String, String> map;
-  
+
   public MapConfig() {
     this.map = Collections.emptyMap();
   }
-  
+
   public MapConfig(Map<String, String> map) {
     this(Collections.singletonList(map));
   }
@@ -78,6 +78,21 @@ public boolean containsValue(Object v) {
     return map.containsKey(v);
   }
 
+  @Override
+  public Config sanitize() {
+    return new MapConfig(sanitizeMap());
+  }
+
+  private Map<String, String> sanitizeMap() {
+    Map<String, String> sanitized = new HashMap<String, String>(map);
+    for (Entry<String, String> entry : sanitized.entrySet()) {
+      if (entry.getKey().startsWith(SENSITIVE_PREFIX)) {
+        entry.setValue(SENSITIVE_MASK);
+      }
+    }
+    return sanitized;
+  }
+
   @Override
   public int hashCode() {
     final int prime = 31;
@@ -105,6 +120,6 @@ public boolean equals(Object obj) {
 
   @Override
   public String toString() {
-    return map.toString();
+    return sanitizeMap().toString();
   }
 }

samza-api/src/test/java/org/apache/samza/config/TestConfig.java

@@ -19,7 +19,7 @@
 
 package org.apache.samza.config;
 
-import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.*;
 
 import java.util.Map;
 import java.util.HashMap;
@@ -61,4 +61,23 @@ public void testgetShortAndLong() {
     Class c4 = getClass(mc.getLong("testkey", defaultLong));
     assertEquals(Long.class, c4);
   }
+
+  @Test
+  public void testSanitize() {
+    Map<String, String> m = new HashMap<String, String>() {{
+      put("key1", "value1");
+      put("key2", "value2");
+      put("sensitive.key3", "secret1");
+      put("sensitive.key4", "secret2");
+    }};
+
+    Config config = new MapConfig(m);
+    assertFalse(config.toString().contains("secret"));
+
+    Config sanitized = config.sanitize();
+    assertEquals("value1", sanitized.get("key1"));
+    assertEquals("value2", sanitized.get("key2"));
+    assertEquals(Config.SENSITIVE_MASK, sanitized.get("sensitive.key3"));
+    assertEquals(Config.SENSITIVE_MASK, sanitized.get("sensitive.key4"));
+  }
 }

samza-yarn/src/main/scala/org/apache/samza/webapp/ApplicationMasterRestServlet.scala

@@ -103,6 +103,6 @@ class ApplicationMasterRestServlet(config: Config, state: SamzaAppMasterState, r
   }
 
   get("/config") {
-    jsonMapper.writeValueAsString(new HashMap[String, Object](config.toMap))
+    jsonMapper.writeValueAsString(new HashMap[String, Object](config.sanitize.toMap))
   }
 }

samza-yarn/src/main/scala/org/apache/samza/webapp/ApplicationMasterWebServlet.scala

@@ -37,7 +37,7 @@ class ApplicationMasterWebServlet(config: Config, state: SamzaAppMasterState) ex
 
   get("/") {
     layoutTemplate("/WEB-INF/views/index.scaml",
-      "config" -> TreeMap(config.toMap.toArray: _*),
+      "config" -> TreeMap(config.sanitize.toMap.toArray: _*),
       "state" -> state,
       "rmHttpAddress" -> WebAppUtils.getRMWebAppURLWithScheme(yarnConfig))
   }