fix(pulsar): mark whole auth struct as sensitive (r5.0)

Fixes https://emqx.atlassian.net/browse/EMQX-9900 I tried to patch hocon itself to filter the sensitive data, but the way it's currently structured doesn't seem to keep that field metadata. So, for now, we can just mark the whole auth union as sensitive.
2023-05-17 11:44:19 -03:00 · 2023-05-17 11:44:19 -03:00 · dcccc0910a
parent 38ef99caf5
commit dcccc0910a
1 changed files with 8 additions and 1 deletions
--- a/apps/emqx_bridge_pulsar/src/emqx_bridge_pulsar.erl
+++ b/apps/emqx_bridge_pulsar/src/emqx_bridge_pulsar.erl
@ -46,7 +46,14 @@ fields(config) ->
            )},
        {authentication,
            mk(hoconsc:union([none, ref(auth_basic), ref(auth_token)]), #{
-                default => none, desc => ?DESC("authentication")
+                default => none,
+                %% must mark this whole union as sensitive because
+                %% hocon ignores the `sensitive' metadata in struct
+                %% fields...  Also, when trying to type check a struct
+                %% that doesn't match the intended type, it won't have
+                %% sensitivity information from sibling types.
+                sensitive => true,
+                desc => ?DESC("authentication")
            })}
    ] ++ emqx_connector_schema_lib:ssl_fields();
 fields(producer_opts) ->