-
Story
-
Resolution: Done
-
Normal
-
None
Description of problem:
any secret of type dockercfg is including an annotation with the token in clear. While the content of the secret is obfuscated by gitops, it is considered like a security issue that a user can see the token.
More precisely, the annotation is this one:
annotations:
...
openshift.io/token-secret.value: <token>
...
And it's included in any secret with this type: " kubernetes.io/dockercfg "
- causes
-
RFE-5414 Provide ability to hide defined annotations in ArgoCD web UI
-
- Closed
-
- is depended on by
-
GITOPS-5903 Include upstream annotation hiding in the operator
-
- Closed
-
- links to
-
RHEA-2025:144480 Errata Advisory for Red Hat OpenShift GitOps v1.16.0