-
Story
-
Resolution: Done
-
Blocker
-
rhwa-24.1
-
None
We would like to store credentials for fence agents in secret object from a security perspective.
Now they are stored in FenceAgentsRemediationTemplate with plain text:
apiVersion: fence-agents-remediation.medik8s.io/v1alpha1
kind: FenceAgentsRemediationTemplate
metadata:
name: fence-agents-remediation-template-fence
namespace: openshift-workload-availability
spec:
template:
spec:
agent: fence_vmware_soap
nodeparameters:
'--plug':
'worker0.autotest4.ocp.bld8.nec.test': 'worker0-autotest4'
'worker1.autotest4.ocp.bld8.nec.test': 'worker1-autotest4'
'worker2.autotest4.ocp.bld8.nec.test': 'worker2-autotest4'
sharedparameters:
'--action': reboot
'--ip': vcenter7.bld8.nec.test
(*) '--password': <password>
(*) '--username': <id>
'--ssl-insecure': ""
retryCount: 5
retryInterval: 5
timeout: '60s'
