Uploaded image for project: 'Red Hat Internal Developer Platform'
  1. Red Hat Internal Developer Platform
  2. RHIDP-3195

Secret input field in the Software Template

Create Doc EPIC for Fe...Prepare for Y ReleasePrepare for Z ReleaseXMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Major Major
    • None
    • None
    • Software Templates, Upstream
    • None
    • True
    • Hide

      None

      Show
      None
    • False
    • Important

      Description of problem:

      The contents of a secret input field in the Software Template is shown on the review page if no value is entered and the default value is used. Snippet of a Software Template: password: title: Repository password type: string default: abcdef ui:field: Secret

      Prerequisites (if any, like setup, operators/versions):

      Steps to Reproduce

      1. Create a Software Template with this input field
      2. Create a resource using this template
      3. Leave the Repository password field untouched. The default value abcdef will be used
      4. Click Next until the Review page is shown
      5. The value abcdef will be visible
      6. Repeat the steps above and fill in a random password
      7. The password is masked with asterisks on the Review page

      Actual results:

      Expected results:

      Fields with secret data should not visible in the ui nor in logs.

      Reproducibility (Always/Intermittent/Only Once):

      Build Details:

      Additional info (Such as Logs, Screenshots, etc):

              Unassigned Unassigned
              nikhshar@redhat.com Nikhil Sharma
              RHIDP - Core Platform
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: