I spun up a couchbase instance and took a backup, and was able to repro this.
The password is not leaked in any of the service logs (i.e. trove api, taskmanager, or conductor) but it _is_ leaked in the trove-guestagent log. The guest-instance (as Thierry mentions above) is not accessible to users, so this is somewhat mitigated -- but I'd like to have this fixed in the guest-agent as hardening, so that we don't end up with the password in the log.
I spun up a couchbase instance and took a backup, and was able to repro this.
The password is not leaked in any of the service logs (i.e. trove api, taskmanager, or conductor) but it _is_ leaked in the trove-guestagent log. The guest-instance (as Thierry mentions above) is not accessible to users, so this is somewhat mitigated -- but I'd like to have this fixed in the guest-agent as hardening, so that we don't end up with the password in the log.
Thanks,
Nikhil