internal/postgres: redact password in error messages

Change-Id: I487f1dd3d6e925b1d95a2ddd7726d7a1b4ed9e42
Reviewed-on: https://team-review.git.corp.google.com/c/golang/discovery/+/599091
CI-Result: Cloud Build <devtools-proctor-result-processor@system.gserviceaccount.com>
Reviewed-by: Julie Qiu <julieqiu@google.com>

internal/postgres/postgres.go

@@ -8,6 +8,7 @@ import (
 	"context"
 	"database/sql"
 	"fmt"
+	"regexp"
 	"strings"
 	"sync/atomic"
 	"time"
@@ -136,7 +137,8 @@ func logQuery(query string, args []interface{}) func(*error) {
 
 // Open creates a new DB for the given Postgres connection string.
 func Open(driverName, dbinfo string) (_ *DB, err error) {
-	defer derrors.Wrap(&err, "postgres.Open(%q, %q)", driverName, dbinfo)
+	defer derrors.Wrap(&err, "postgres.Open(%q, %q)",
+		driverName, redactPassword(dbinfo))
 
 	db, err := sql.Open(driverName, dbinfo)
 	if err != nil {
@@ -149,6 +151,12 @@ func Open(driverName, dbinfo string) (_ *DB, err error) {
 	return &DB{db}, nil
 }
 
+var passwordRegexp = regexp.MustCompile(`password=\S+`)
+
+func redactPassword(dbinfo string) string {
+	return passwordRegexp.ReplaceAllLiteralString(dbinfo, "password=REDACTED")
+}
+
 // Transact executes the given function in the context of a SQL transaction,
 // rolling back the transaction if the function panics or returns an error.
 func (db *DB) Transact(txFunc func(*sql.Tx) error) (err error) {