-
Feature
-
Resolution: Unresolved
-
Undefined
-
None
-
Logging 6.0
-
None
-
False
-
None
-
False
-
Not Selected
-
0
Proposed title of this feature request
Header Api-token tokens should be injected via secret in ClusterLogForwarder
What is the nature and description of the request?
As per the current architecture, the headers needs to be specified as a plain text string in ClusterLogForwarder
$ oc explain obsclf.spec.outputs.http.headers GROUP: observability.openshift.io KIND: ClusterLogForwarder VERSION: v1 FIELD: headers <map[string]string> DESCRIPTION: Headers specify optional headers to be sent with the request
If Api-token needs to be injected, then it has to specified as a plain text string in ClusterLogForwarder which induces security concerns. So, it would better to inject headers which contains sensitive information to be injected via kubernetes secret.
Why does the customer need this? (List the business requirements)
Customer wants to inject Api-token and specifying it as plain text string creates security related concerns which can be avoided by using secrets.
List any affected packages or components.
ClusterLogForwarder (Vector Collector)
Additional Info:
Found below link which supports injecting bearer token but not the Api-token:
