Uploaded image for project: 'Managed Service - Streams'
  1. Managed Service - Streams
  2. MGDSTRM-8024

Move the MK-CR sensitive information into a master Secret

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Undefined Undefined
    • kasFleetShard-0.24.0
    • None
    • None
    • None
    • False
    • None
    • False
    • No
    • MGDSRVS-72 - Address identified security threats of the platform
    • MK - Sprint 216, MK - Sprint 217, MK - Sprint 218, MK - Sprint 220, MK - Sprint 221

      WHAT

      Managed Kafka CR that is delivered from the Control Plane has inlined secrets, which need to move to a master secret before an instance of Managed Kafka is created

      WHY

      Custom resources should not contain any secret information

      HOW

      When the Sync module receives the Managed Kafka request, the Sync module needs to remove the secret information from the CR and create a master secret from it, then update the CR to use the master secret.

      DONE

      When Managed Kafka CR deployed on the cluster does not have any secret information.

      Guidelines

      The following steps should be adhered to:

      • Required tests should be put in place - unit, integration, manual test cases (if necessary)
      • CI and all relevant tests passing
      • Changes have been verified by one additional reviewer against:
      • each required environment
      • each supported upgrade path
      • If the changes could have an impact on the clients (either UI or CLI), a JIRA should be created for making the required changes on the client side and acknowledged by one of the client side team members. PR has been merged
         

              srbiswas@redhat.com Srijoni Biswas
              rhn-engineering-rareddy Ramesh Reddy
              Kafka Fleet Services
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: