fix: mark dsn as isSecret in config schema

[btipling]

Summary

Marks credential field(s) dsn (the DSN connection string embeds the database password) as secret in this connector's config so the credential is stored and handled as a secret rather than plaintext.

This connector defines its config in Go (field package), not a config.yaml. Secret-ness is the field.WithIsSecret(true) option on the field — the authoritative source. There is no committed config_schema.json in this repo, and the generated conf.gen.go is a mapstructure struct that carries no secret metadata, so the one-line config.go change is the complete fix and a CI regen produces no additional diff (no race).

BREAKING

BREAKING: adding isSecret: true to these fields changes how existing configurations are stored. Customers with existing connector configurations will need to re-enter credentials after this change is deployed.

Audit

Part of the connector config secret-ness audit (phase 13). Found via systematic review of credential fields lacking isSecret.

Do not merge — left open for review.

[github-actions]

Connector PR Review: fix: mark dsn as isSecret in config schema

Blocking Issues: 0 | Suggestions: 0 | Threads Resolved: 0
Review mode: full
View review run

Review Summary

Single-line change adds field.WithIsSecret(true) to the dsn config field in pkg/config/config.go. The DSN embeds database credentials, so marking it as secret is correct and necessary. The breaking change for existing configurations is clearly documented in the PR description. No issues found.

Security Issues

None found.

Correctness Issues

None found.

Suggestions

None.

[github-actions]

No blocking issues found.