pgduck client: log conninfo to server log instead of errdetail

Per review on PR #361: the connection string may include credentials and is
an internal detail not appropriate for the client. Emit a separate LOG
ereport() with errmsg + errdetail before the user-facing ERROR so
administrators can still debug misconfigured servers (issue #293) via the
PostgreSQL server log without leaking the conninfo to the client.

Signed-off-by: David Christensen <david.christensen@snowflake.com>

Author: sfc-gh-dachristensen

pg_lake_engine/src/pgduck/client.c

@@ -143,15 +143,22 @@ GetPGDuckConnection(void)
 
 		PQfinish(connection);
 
-#ifdef USE_ASSERT_CHECKING
-		ereport(ERROR,
-				(errmsg("could not start query engine: %s", errorMessage),
+		/*
+		 * Log the conninfo to the server log so an administrator can debug
+		 * misconfigured servers (issue #293) without exposing the connection
+		 * string -- which may include credentials -- to the client.  We
+		 * intentionally do not include the libpq error message here; it is
+		 * surfaced only in the assertion-enabled ERROR below.
+		 */
+		ereport(LOG_SERVER_ONLY,
+				(errmsg("could not start query engine"),
 				 errdetail("connection string: %s", PgduckServerConninfo)));
+
+#ifdef USE_ASSERT_CHECKING
+		ereport(ERROR, (errmsg("could not start query engine: %s", errorMessage)));
 #else
 		/* hide internals from users */
-		ereport(ERROR,
-				(errmsg("could not start query engine"),
-				 errdetail("connection string: %s", PgduckServerConninfo)));
+		ereport(ERROR, (errmsg("could not start query engine")));
 #endif
 	}