Uploaded image for project: 'Red Hat Advanced Cluster Management'
  1. Red Hat Advanced Cluster Management
  2. ACM-14644

[GRC] Policy Compliance history has a long live token type that is being phased out.

XMLWordPrintable

    • False
    • None
    • False
    • Hide

      Provide the required acceptance criteria using this template.
      * ...
      Show
      Provide the required acceptance criteria using this template. * ...
    • None

      Value Statement

      OCP has a security stance that we should not have long lived tokens.

      Token can be viewed by running:
      oc get secrets \
          --all-namespaces \
          --field-selector type=kubernetes.io/service-account-token

      This token is present by default.

      Definition of Done for Engineering Story Owner (Checklist)

      • No longer use a long lived token.

      Development Complete

      • The code is complete.
      • Functionality is working.
      • Any required downstream Docker file changes are made.

      Tests Automated

      • [ ] Unit/function tests have been automated and incorporated into the
        build.
      • [ ] 100% automated unit/function test coverage for new or changed APIs.

      Secure Design

      • [ ] Security has been assessed and incorporated into your threat model.

       

              mprahl Matthew Prahl
              jpacker@redhat.com Joshua Packer
              Derek Ho Derek Ho
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: