Info-leveled logging logs the entire AdmissionReview
pbar1 opened this issue · comments
Pierce Bartine commented
This is surprising, as it makes for very long log messages if the Pod manifest is contained in the AdmissionReview. I'd expect only the image before/after would be logged, for example. Also, it would be possible to leak secrets if they're explicitly set via K8s environment variables. I know that this isn't a best practice, but it could happen, so best to protect oneself with defense in depth.
Tom Hayward commented
I think you're referring to here:
Line 114 in bf209b8
And I agree, it would be more appropriate for Trace
level.
Jainish Shah commented
Please check #66.