-
Bug
-
Resolution: Unresolved
-
Normal
-
4.16
-
Quality / Stability / Reliability
-
False
-
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
The cluster-config-v1 ConfigMap of an IPI Nutanix cluster contains the Nutanix password, making it visible to anyone with access. ------------ $ oc get cm -n kube-system cluster-config-v1 -o yaml | grep -i password -A 5 -B 5 type: UserManaged prismCentral: endpoint: address: hcinxxxp.ot.lxxxl port: 9440 password: Concxxxlusssxhorce.nl2024 <<------ Password username: hcinxxxp prismElements: - endpoint: address: hcinxxxp.ot.lxxxl port: 9440 -------- + In a vSphere IPI cluster, I verified that the password does not appear. --------- $ oc get cm -n kube-system cluster-config-v1 -o yaml | grep -i password -A 5 -B 5 ingressVIPs: - 10.44.939.45 vcenters: - datacenters: - OpenShift-DC password: "" server: vcenter.vmware.xxxx.yyy.com user: "" publish: External pullSecret: "" sshKey: | --------