Iceberg REST catalog credential visible in query log #28537

@mwullink

The JSON representation of a query contains a fileIoProperties object with a credential property. This property shows the credential used to connect to the Iceberg REST catalog. This should probably not be made visible here.

URL to get JSON: https://trino.host/ui/api/query/<id>?pretty

```json
"fileIoProperties" : {
  "prefix" : "f41871dc-ee37-11f0-8e5f-971109ea6e23",
  "view-endpoints-supported" : "true",
  "auth.session-timeout-ms" : "3600000",
  "token-refresh-enabled" : "false",
  "warehouse" : "iceberg",
  "uri" : "<<removed>>",
  "rest.auth.type" : "oauth2",
  "credential" : "<<removed>>",
  "token-exchange-enabled" : "true",
  "scope" : "\"openid email profile offline_access\"",
  "oauth2-server-uri" : "<<removed>>",
  "trino-version" : "479",
  "rest-page-size" : "100",
  "s3.path-style-access" : "true",
  "s3.region" : "eu-west-1",
  "s3.endpoint" : "<<removed>>",
  "region" : "eu-west-1",
  "client.region" : "eu-west-1"
}
```

I’m using Trino 479 and Lakekeeper 0.11.2 as the Iceberg REST catalog, and I am not using credential vending.

I can reproduce it when using the Iceberg table management functions like optimize and expire_snapshots.
https://trino.io/docs/current/connector/iceberg.html#schema-and-table-management

When running normal select/delete SQL queries I don’t see the fileIoProperties object in the JSON output.
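A check an operator could run over saved query JSON of the kind described in this issue, as an added example that is not part of the original report or of Trino's code: it walks the document, reports every secret-bearing entry inside any fileIoProperties object and redacts it in place. The nesting in the sample document and every sensitive key other than `credential` are assumptions.

```python
import json

# Keys treated as secret. "credential" is the one reported in this issue; the
# others are an assumption (Iceberg REST / S3 FileIO properties holding secrets).
SENSITIVE_KEYS = {"credential", "token", "s3.secret-access-key", "s3.session-token"}
REDACTED = "***"


def scrub_file_io_properties(node, path="$", findings=None):
    """Recursively walk parsed query JSON, redact sensitive entries of every
    fileIoProperties object in place, and return the JSON paths that were hit."""
    if findings is None:
        findings = []
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}"
            if key == "fileIoProperties" and isinstance(value, dict):
                for prop in value:
                    if prop.lower() in SENSITIVE_KEYS and value[prop] != REDACTED:
                        value[prop] = REDACTED
                        findings.append(f"{child}.{prop}")
            else:
                scrub_file_io_properties(value, child, findings)
    elif isinstance(node, list):
        for i, item in enumerate(node):
            scrub_file_io_properties(item, f"{path}[{i}]", findings)
    return findings


# Constructed sample: the nesting around fileIoProperties is hypothetical, the
# property names follow the snippet in the issue, the secret value is fake.
SAMPLE = json.loads("""
{
  "queryId": "constructed_query_id",
  "inputs": [
    {"connectorInfo": {"fileIoProperties": {
        "warehouse": "iceberg",
        "rest.auth.type": "oauth2",
        "credential": "constructed-client-id:constructed-secret",
        "s3.region": "eu-west-1"}}},
    {"connectorInfo": {"fileIoProperties": {"warehouse": "iceberg"}}}
  ]
}
""")

if __name__ == "__main__":
    for hit in scrub_file_io_properties(SAMPLE):
        print("secret exposed at", hit)
    print(json.dumps(SAMPLE, indent=2))
```

A non-empty result on JSON saved from the query endpoint means the credential was readable by anyone with access to that output, so rotating it is the safer follow-up.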
