Dockerhub credentials logged on startup

[dsyer]

Oops?

2019-09-25 15:13:19.443 [main] INFO  o.t.d.DockerClientProviderStrategy - Found Docker environment with Environment variables, system properties and defaults. Resolved: 
    dockerHost=unix:///var/run/docker.sock
    apiVersion='{UNKNOWN_VERSION}'
    registryUrl='https://index.docker.io/v1/'
    registryUsername='...'
    registryPassword='...'
    registryEmail='...'
    dockerConfig='DefaultDockerClientConfig[dockerHost=unix:///var/run/docker.sock,registryUsername=...,registryPassword=<...>,registryEmail=<...>,registryUrl=https://index.docker.io/v1/,dockerConfigPath=/home/dsyer/.docker,sslConfig=<null>,apiVersion={UNKNOWN_VERSION},dockerConfig=<null>]'

[rnorth]

@dsyer thanks for flagging - that's embarassing, as we've taken pains to santise logs that could potentially hold registry credentials elsewhere. Sorry if this has caused inconvenience.

We'll try and put out a patch release ASAP to fix this.

[dsyer]

They were empty, in my case. But I guess if a user has them in ~/.docker/config.json they will show up here, which would be best to avoid if possible. Thanks.

[dsyer]

Looks like maybe it's from an upstream library anyway (com.github.docker-java:docker-java)?

[dsyer]

... but actually we control the logging here: EnvironmentAndSystemPropertyClientProviderStrategy

[rnorth]

Yes, it's something we control. Really, the logging code we have there is quite outdated and unnecessary - all registry auth is now resolved at pull-time rather than at startup.

I'll raise a PR shortly to drastically prune this logging.