Loading...

XML

Word

Printable

Type: Story
Resolution: Done
Priority: Normal
Fix Version/s: 1.16.0
Affects Version/s: None
Component/s: ArgoCD
Labels:

Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Git Pull Request:
https://github.com/argoproj/gitops-engine/pull/577, https://github.com/argoproj/argo-cd/pull/18216
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Description of problem:

any secret of type dockercfg is including an annotation with the token in clear. While the content of the secret is obfuscated by gitops, it is considered like a security issue that a user can see the token.

More precisely, the annotation is this one:

annotations:
...
openshift.io/token-secret.value: <token>
...

And it's included in any secret with this type: " kubernetes.io/dockercfg "

causes

RFE-5414 Provide ability to hide defined annotations in ArgoCD web UI

Closed

is depended on by

GITOPS-5903 Include upstream annotation hiding in the operator

Closed

links to

RHEA-2025:144480 Errata Advisory for Red Hat OpenShift GitOps v1.16.0

Assignee:: Siddhesh Ghadi

Reporter:: German Parente

Votes:: 1 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2024/04/04 1:32 PM

Updated:: 2025/09/12 7:57 PM

Resolved:: 2024/11/28 3:23 AM

Details

Description

Description of problem:

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates