From 6a4e3dbdcc6c5f8f4ae1bdfbaed15d52f7b1c25c Mon Sep 17 00:00:00 2001 From: Noel Kwan Date: Tue, 24 Oct 2023 19:14:44 +0800 Subject: [PATCH 1/2] hide etcd pwd in logs --- src/cmd_all/src/standalone.rs | 5 ++++- src/meta/node/src/lib.rs | 3 ++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/cmd_all/src/standalone.rs b/src/cmd_all/src/standalone.rs index 8ebe2c7112c49..ea8ea42ded513 100644 --- a/src/cmd_all/src/standalone.rs +++ b/src/cmd_all/src/standalone.rs @@ -138,8 +138,11 @@ pub async fn standalone(opts: StandaloneOpts) -> Result<()> { compactor_opts, } = parse_opt_args(&opts); - if let Some(opts) = meta_opts { + if let Some(mut opts) = meta_opts { + let etcd_pwd = opts.etcd_password; + opts.etcd_password = String::from("*"); tracing::info!("starting meta-node thread with cli args: {:?}", opts); + opts.etcd_password = etcd_pwd; let _meta_handle = tokio::spawn(async move { risingwave_meta_node::start(opts).await; diff --git a/src/meta/node/src/lib.rs b/src/meta/node/src/lib.rs index 55c7b27b0c80a..e2e6304027fc3 100644 --- a/src/meta/node/src/lib.rs +++ b/src/meta/node/src/lib.rs @@ -17,6 +17,7 @@ #![cfg_attr(coverage, feature(no_coverage))] mod server; + use std::time::Duration; use clap::Parser; @@ -71,7 +72,7 @@ pub struct MetaNodeOpts { /// Password of etcd, required when --etcd-auth is enabled. #[clap(long, env = "RW_ETCD_PASSWORD", default_value = "")] - etcd_password: String, + pub etcd_password: String, /// Endpoint of the SQL service, make it non-option when SQL service is required. #[clap(long, env = "RW_SQL_ENDPOINT")] From d9190800249ca2fcaf2e95b7be813100c67faf3c Mon Sep 17 00:00:00 2001 From: Noel Kwan Date: Thu, 26 Oct 2023 16:37:00 +0800 Subject: [PATCH 2/2] refactor to use type safe --- Cargo.lock | 7 +++++++ src/cmd_all/src/standalone.rs | 11 ++++------- src/meta/node/Cargo.toml | 1 + src/meta/node/src/lib.rs | 8 ++++++-- 4 files changed, 18 insertions(+), 9 deletions(-) 
diff --git a/Cargo.lock b/Cargo.lock index ce71e2bf98950..211bf5585283b 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -6627,6 +6627,12 @@ dependencies = [ "zstd-sys", ] +[[package]] +name = "redact" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b97c0a6319ae55341eb213c8ef97002630a3a5bd6f287f0124d077121d3f2a5" + [[package]] name = "redis" version = "0.23.3" @@ -7712,6 +7718,7 @@ dependencies = [ "madsim-tonic", "model_migration", "prometheus-http-query", + "redact", "regex", "risingwave_common", "risingwave_common_heap_profiling", diff --git a/src/cmd_all/src/standalone.rs b/src/cmd_all/src/standalone.rs index ea8ea42ded513..15a46d789ff3d 100644 --- a/src/cmd_all/src/standalone.rs +++ b/src/cmd_all/src/standalone.rs @@ -138,11 +138,8 @@ pub async fn standalone(opts: StandaloneOpts) -> Result<()> { compactor_opts, } = parse_opt_args(&opts); - if let Some(mut opts) = meta_opts { - let etcd_pwd = opts.etcd_password; - opts.etcd_password = String::from("*"); + if let Some(opts) = meta_opts { tracing::info!("starting meta-node thread with cli args: {:?}", opts); - opts.etcd_password = etcd_pwd; let _meta_handle = tokio::spawn(async move { risingwave_meta_node::start(opts).await; @@ -198,7 +195,7 @@ mod test { // Test parsing into standalone-level opts. let raw_opts = " --compute-opts=--listen-addr 127.0.0.1:8000 --total-memory-bytes 34359738368 --parallelism 10 ---meta-opts=--advertise-addr 127.0.0.1:9999 --data-directory \"some path with spaces\" --listen-addr 127.0.0.1:8001 +--meta-opts=--advertise-addr 127.0.0.1:9999 --data-directory \"some path with spaces\" --listen-addr 127.0.0.1:8001 --etcd-password 1234 --frontend-opts=--config-path=src/config/original.toml --prometheus-listener-addr=127.0.0.1:1234 --config-path=src/config/test.toml 
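Review bot: Only `etcd_password` is protected in the `tracing::info!("starting meta-node thread with cli args: {:?}", opts)` dump; every other field of the options struct is still written to the log verbatim at info level. The snapshot later in this patch shows `etcd_username` and `sql_endpoint` printed as plain values, so if a SQL endpoint can carry credentials in its connection URL (not visible here), it needs the same wrapper. I would add a comment above the log line, `// MetaNodeOpts is Debug-logged here: any secret-bearing field must be a redact::Secret`, so the next option added to the struct does not silently reach the logs. The body of `standalone` begins and ends outside the hunk.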
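Review bot: The fixture password `1234` is the same text as the port in `--prometheus-listener-addr=127.0.0.1:1234` a few lines below, so a regression that leaks the password into Debug output cannot be told apart from the port when reading or searching the snapshot. Use a distinctive constructed sentinel instead, e.g. `--etcd-password rw-test-sentinel-pw`, here and in the `meta_opts: Some(...)` hunk that follows. Alongside the snapshot, assert that the Debug string of the parsed meta options does not contain that sentinel. The expected line `etcd_password: [REDACTED alloc::string::String]` also pins the Debug format of the redact crate, which is worth a short comment in the test so a crate upgrade that changes the format is not mistaken for a leak.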
@@ -206,7 +203,7 @@ mod test { let actual = StandaloneOpts::parse_from(raw_opts.lines()); let opts = StandaloneOpts { compute_opts: Some("--listen-addr 127.0.0.1:8000 --total-memory-bytes 34359738368 --parallelism 10".into()), - meta_opts: Some("--advertise-addr 127.0.0.1:9999 --data-directory \"some path with spaces\" --listen-addr 127.0.0.1:8001".into()), + meta_opts: Some("--advertise-addr 127.0.0.1:9999 --data-directory \"some path with spaces\" --listen-addr 127.0.0.1:8001 --etcd-password 1234".into()), frontend_opts: Some("--config-path=src/config/original.toml".into()), compactor_opts: None, prometheus_listener_addr: Some("127.0.0.1:1234".into()), @@ -231,7 +228,7 @@ mod test { etcd_endpoints: "", etcd_auth: false, etcd_username: "", - etcd_password: "", + etcd_password: [REDACTED alloc::string::String], sql_endpoint: None, dashboard_ui_path: None, prometheus_endpoint: None, diff --git a/src/meta/node/Cargo.toml b/src/meta/node/Cargo.toml index 8c2a5aeadbe41..33163d85802a0 100644 --- a/src/meta/node/Cargo.toml +++ b/src/meta/node/Cargo.toml @@ -22,6 +22,7 @@ futures = { version = "0.3", default-features = false, features = ["alloc"] } itertools = "0.11" model_migration = { path = "../src/model_v2/migration" } prometheus-http-query = "0.7" +redact = "0.1.5" regex = "1" risingwave_common = { workspace = true } risingwave_common_heap_profiling = { workspace = true } diff --git a/src/meta/node/src/lib.rs b/src/meta/node/src/lib.rs index e2e6304027fc3..e2bc95b3ac660 100644 --- a/src/meta/node/src/lib.rs +++ b/src/meta/node/src/lib.rs @@ -22,6 +22,7 @@ use std::time::Duration; use clap::Parser; pub use error::{MetaError, MetaResult}; +use redact::Secret; use risingwave_common::config::OverrideConfig; use risingwave_common::util::resource_util; use risingwave_common::{GIT_SHA, RW_VERSION}; 
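Review bot: The expected `StandaloneOpts` in the `@@ -206,7 +203,7 @@` hunk shows that `meta_opts` is kept as the raw string `"... --etcd-password 1234"`, so the redaction added by this patch covers only the parsed `MetaNodeOpts`, not the unparsed standalone options. If `StandaloneOpts` is ever Debug-logged (not visible in these hunks), the password appears in clear. It is also visible in the process command line whenever it is passed through `--meta-opts`. I would document on the `meta_opts` field that secrets should be supplied through `RW_ETCD_PASSWORD` rather than the flag, and keep `StandaloneOpts` out of any `{:?}` log. The test module continues outside the hunk.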
@@ -72,7 +73,7 @@ pub struct MetaNodeOpts { /// Password of etcd, required when --etcd-auth is enabled. #[clap(long, env = "RW_ETCD_PASSWORD", default_value = "")] - pub etcd_password: String, + etcd_password: Secret, /// Endpoint of the SQL service, make it non-option when SQL service is required. #[clap(long, env = "RW_SQL_ENDPOINT")] @@ -197,7 +198,10 @@ pub fn start(opts: MetaNodeOpts) -> Pin + Send>> { .map(|x| x.to_string()) .collect(), credentials: match opts.etcd_auth { - true => Some((opts.etcd_username, opts.etcd_password)), + true => Some(( + opts.etcd_username, + opts.etcd_password.expose_secret().to_string(), + )), false => None, }, },
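Review bot: The `etcd_password` field is now redacted in Debug output, but its clap attribute still reads `#[clap(long, env = "RW_ETCD_PASSWORD", default_value = "")]`, and clap prints the current value of an `env`-backed argument in `--help` unless told otherwise. Add `hide_env_values = true` to the attribute so the password does not surface in help text when the variable is set: `#[clap(long, env = "RW_ETCD_PASSWORD", default_value = "", hide_env_values = true)]`. The doc comment could also say that the value is wrapped so it is redacted when the options are logged and must be read through `expose_secret()`. `MetaNodeOpts` continues outside the hunk.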
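Review bot: `opts.etcd_password.expose_secret().to_string()` copies the password into an ordinary `String` inside `credentials`, so the protection added by this patch ends at this line. If the backend configuration that holds `credentials` derives `Debug` or is logged further down (not visible in this hunk), the password is printed in clear again. Prefer carrying the wrapper through the credentials tuple and calling `expose_secret()` only where the etcd client is constructed, or at minimum mark the boundary with `// password leaves Secret here: never log or Debug-print credentials`. As a style point, the `match opts.etcd_auth { true => ..., false => None }` could be written as `opts.etcd_auth.then(|| (...))`. The body of `start` begins and ends outside the hunk.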