Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-6025

RHACS: Scan for secrets being introduced during the docker image build process, which might be visible in the Dockerhub "image layers" tab.

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • RHACS
    • None
    • Product / Portfolio Work
    • None
    • False
    • None
    • None
    • None
    • None
    • None

      1. Proposed title of this feature request-Scan for secrets being introduced during the docker image build process, which might be visible in the Dockerhub "image layers" tab.
        2. What is the nature and description of the request?  Customer ran into a scenario where they accidentally uploaded a secret to a public docker repo in their dockerfile and would like the ability to scan a Dockerfile for a hardcoded secret. They would also like the ability to scan a configmap for a hard coded secret.

      2. Sometime, the secrets are not in Dockerfile, but might be introduced by the Dockerfile instructions, and caused the secrets to be stored in Dockerhub "Image Layer" Tab
        3. Why does the customer need this? (List the business requirements here) Secure secrets
        4. List any affected packages or components.5. Priority-- Low

              sbadve@redhat.com Shubha Badve
              priysing@redhat.com Priyanka Singh
              None
              Votes:
              1 Vote for this issue
              Watchers:
              10 Start watching this issue

                Created:
                Updated:
                None
                None