我使用 jdbc-river 从 PostgreSQL 数据库填充我的 Elasticsearch 实例。河流的记录是使用以下 ruby 代码创建的(因为我从 Rails 应用程序查询 ES):
require 'elasticsearch'
client = Elasticsearch::Client.new
client.create :index => "_river", :type => "ldi", :id => "_meta", :body =>
{
:type => :jdbc,
:jdbc => {
:driver => "org.postgresql.Driver",
:url => "jdbc:postgresql://localhost:5432/" + ENV['DB_NAME'],
:user => ENV['DB_USER'],
:password => ENV['DB_PASS'],
:index => ENV['DB_NAME'],
:type => "ldi",
:sql => "select id as _id, * from ldis"
}
}
我将环境变量用于数据库凭据以避免显示实际变量。问题在于,一旦将记录添加到 ES,实际凭据就会被公开。因此,您可以查询 ES 并获得如下内容:
"hits": {
"total": 6,
"max_score": 1,
"hits": [
{
"_index": "_river",
"_type": "ldi",
"_id": "_meta",
"_score": 1,
"_source": {
"type": "jdbc",
"jdbc": {
"driver": "org.postgresql.Driver",
"url": "jdbc:postgresql://localhost:5432/any_dbname",
"user": "any_dbuser",
"password": "any_dbpass",
"index": "any_index",
"type": "ldi",
"sql": "select id as _id, * from ldis"
}
}
}
....
有什么办法让他们保密吗?