Redact passwords from tasks fetched from the TaskQueue

[AmatyaAvadhanula]

Fixes #15882

Description

Active tasks fetched from TaskQueue's in memory state may reveal sensitive information.

This doesn't happen for payloads fetched from the metadata store, as they are read using a json mapper with an added mixin for redacting credentials.

This PR leans on a similar change in the TaskQueue where a payload is serialized and then deserialized.

Release note

---

Key changed/added classes in this PR

• TaskQueue

---

This PR has:

• been self-reviewed.
  • using the concurrency checklist (Remove this item if the PR doesn't have any relation to concurrency.)
• added documentation for new or modified features or behaviors.
• a release note entry in the PR description.
• added Javadocs for most classes and all non-trivial methods. Linked related entities via Javadoc links.
• added or updated version, license, or notice information in licenses.yaml
• added comments explaining the "why" and the intent of the code wherever would not be obvious for an unfamiliar reader.
• added unit tests or modified existing tests to cover new code paths, ensuring the threshold for code coverage is met.
• added integration tests.
• been tested in a test Druid cluster.

[kfaraz]

Thanks for the fix.
I wonder if it would be better to just do the redaction while putting an item in the tasks map. That way the serde would have to be done only once.
Edit: On second thought, doing the redaction while putting in the map is not a viable option as this same Task instance is sent across the wire to MMs/indexers.

[kfaraz]

Rename since it is not a constant anymore.

Suggested change

	private final ObjectMapper PASSWORD_REDACTING_MAPPER;
	private final ObjectMapper passwordRedactingMapper;

[AmatyaAvadhanula]

Done

[kfaraz]

I think this exception should be targeted either at developer or operator, not the user persona.

Suggested change

	throw DruidException.forPersona(DruidException.Persona.USER)
	.ofCategory(DruidException.Category.RUNTIME_FAILURE)
	.build(e, "Failed to serialize or deserialize task.");
	throw DruidException.forPersona(DruidException.Persona.OPERATOR)
	.ofCategory(DruidException.Category.RUNTIME_FAILURE)
	.build(e, "Failed to serialize or deserialize task[%s].", task.getId());

[AmatyaAvadhanula]

Done

[kfaraz]

Why are we swallowing this exception?

[AmatyaAvadhanula]

I thought it might be helpful to fallback to the metadata store (TaskStorage) in such a case

[kfaraz]

We have to do one of two things:
Either (1) Throw JsonProcessingException from TaskQueue.getActiveTask(), catch it here, log it and fallback to using TaskStorage (catch block should have a comment to this effect). In this case, TaskQueue.getActiveTask need not log the exception.
Or (2) Throw DruidException from TaskQueue.getActiveTask() and don't catch it anywhere.

I would prefer the latter as exception during serde shouldn't happen, and it is best to notify the operator about it as soon as possible.
Also if there is an issue deserializing the task, the task storage would be likely to encounter the same issue as it is the same mapper and the same Task object.

[AmatyaAvadhanula]

Done

[kfaraz]

Suggested change

	final Optional<Task> taskFromTaskStorage = taskStorage.getTask(taskWithPassword.getId());
	final Optional<Task> taskInStorage = taskStorage.getTask(taskWithPassword.getId());

[AmatyaAvadhanula]

Done

[kfaraz]

Suggested change

	final Optional<Task> taskFromTaskQueue = taskQueue.getActiveTask(taskWithPassword.getId());
	final Optional<Task> taskInQueue = taskQueue.getActiveTask(taskWithPassword.getId());

[AmatyaAvadhanula]

Done

[kfaraz]

Assign the result of optional.get() to a new variable and then do the assertions.

[AmatyaAvadhanula]

Done

[kfaraz]

Nit: extra line?

[AmatyaAvadhanula]

Removed

[AmatyaAvadhanula]

Thank you for the reviews @kfaraz @cryptoe