Guard should not log password/secrets

Question

Guard should not log password/secrets

amanohar opened this issue 6 years ago · comments

Guard logs secrets or password from providers. It should not log/redact these secrets from pod logs.

1 logs.go:19] FLAG: --azure.client-id="foo"
1 logs.go:19] FLAG: --azure.client-secret="REDACTED"
1 logs.go:19] FLAG: --azure.tenant-id="bar"
1 logs.go:19] FLAG: --ldap.bind-password="REDACTED"

Tamal Saha · Answer 1 · Tue Dec 04 2018 02:51:56 GMT+0800 (China Standard Time)

Working on a fix.

Tamal Saha · Answer 2 · Tue Dec 04 2018 05:57:04 GMT+0800 (China Standard Time)

Fixed in https://github.com/appscode/guard/releases/tag/0.3.0