1. Proposed title of this feature request
Add dedicated resource.sensitive.mask.annotations parameter for Red Hat products
2. What is the nature and description of the request?
We propose adding a dedicated setting specifically tailored for Red Hat products within the GitOps framework (redhat.sensitive.mask.annotations).
This new setting would be:
- Managed by Red Hat: Red Hat would be responsible for identifying and masking sensitive information associated with its own software and services.
- Centralized and Authoritative: This would provide a single, reliable source for Red Hat product-specific sensitive data masking.
This list of Red Hat sensitive annotations will be merged with the annotations listed in resource.sensitive.mask.annotations, in order to separate Red Hat-managed annotations from customer-managed annotations.
Key Advantages:
- Enhanced Security: Centralized management by Red Hat ensures consistent and proper handling of all relevant annotations, minimizing the risk of accidental exposure and ensuring adherence to security best practices.
- Clear Separation of Concerns: This approach distinctly separates customer-specific sensitive data masking from Red Hat product-specific masking, leading to a more organized and manageable GitOps environment.
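The merge described above, sketched as an added example (not code from Argo CD or Red Hat): the two comma-separated lists are unioned, so a customer edit to their own list cannot drop a Red Hat-managed entry. The function names, the mask string and the sample annotation keys are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

const (
	customerKey = "resource.sensitive.mask.annotations" // existing setting named in this request
	redhatKey   = "redhat.sensitive.mask.annotations"   // proposed setting; does not exist yet
	maskValue   = "********"                            // placeholder mask chosen for this example
)

// mergedMaskSet unions the comma-separated annotation keys from both settings.
// Blank entries and surrounding whitespace are ignored; a missing setting adds nothing.
func mergedMaskSet(settings map[string]string) map[string]bool {
	set := map[string]bool{}
	for _, key := range []string{redhatKey, customerKey} {
		for _, name := range strings.Split(settings[key], ",") {
			if name = strings.TrimSpace(name); name != "" {
				set[name] = true
			}
		}
	}
	return set
}

// maskAnnotations returns a copy of ann with the value of every listed key replaced.
func maskAnnotations(ann map[string]string, set map[string]bool) map[string]string {
	out := make(map[string]string, len(ann))
	for k, v := range ann {
		if set[k] {
			v = maskValue
		}
		out[k] = v
	}
	return out
}

func main() {
	// Constructed sample settings and annotations.
	settings := map[string]string{
		redhatKey:   "operator.example.test/token",
		customerKey: "acme.example/api-key, acme.example/dsn",
	}
	ann := map[string]string{
		"operator.example.test/token": "s3cr3t",
		"acme.example/api-key":        "k-123",
		"acme.example/owner":          "team-a",
	}
	fmt.Println(maskAnnotations(ann, mergedMaskSet(settings)))
}
```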
3. Why does the customer need this? (List the business requirements here)
GitOps offers a key resource.sensitive.mask.annotations setting to prevent sensitive information from being exposed in configuration annotations.
While highly effective for customer-specific workloads, applying this to Red Hat products presents a significant challenge.
Customers are currently required to possess extensive knowledge of all Red Hat product annotations to properly configure sensitive data masking.
This leads to:
- Undue Burden: Customers must research and manually configure masking for numerous Red Hat components.
- Configuration Errors: Lack of deep, nuanced understanding of internal Red Hat annotations can lead to incorrect masking.
- Potential Data Exposure: Incorrect configuration increases the risk of sensitive data being inadvertently exposed.
4. List any affected packages or components.
GitOps
- is related to: RFE-7499 Automatically hide annotations defined in the ArgoCD web UI
- Backlog