Use engine.url instead of connection string in log message to hide connection password
Description
Printing out connection_string
directly will print out the password directly in the log, while engine.url
sanitizes the string. Using docker-compose -f docker-compose.all-in-one.yml up
to bring up a BuildGrid using a connection string with a secret:
Before this PR:
...
Validating !sql-connection...
2023-05-18 16:12:13,315:[ buildgrid.server.sql.provider][ INFO][MainThread]: Setting up SQL provider with: automigrate=True, connection_string='postgresql://bgd:insecure@database/bgd', connection_timeout=5
2023-05-18 16:12:13,315:[ buildgrid.server.sql.provider][DEBUG][MainThread]: Additional SQLAlchemy Engine args: [{'connect_args': {'connect_timeout': 5, 'options': '-c lock_timeout=5000'}, 'max_overflow': 10, 'pool_size': 5, 'pool_timeout': 30}]
After this PR:
...
Validating !sql-connection...
2023-05-18 16:09:46,505:[ buildgrid.server.sql.provider][DEBUG][MainThread]: Additional SQLAlchemy Engine args: [{'connect_args': {'connect_timeout': 5, 'options': '-c lock_timeout=5000'}, 'max_overflow': 10, 'pool_size': 5, 'pool_timeout': 30}]
2023-05-18 16:09:46,513:[ buildgrid.server.sql.provider][ INFO][MainThread]: Created SQL provider with: automigrate=True, connection='postgresql://bgd:***@database/bgd'
2023-05-18 16:09:46,513:[ buildgrid.server.sql.provider][WARNI][MainThread]: Will attempt migration to latest version if needed.
...