Bug 1694861
| Summary: | build log output includes credentials | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Ben Parees <bparees> |
| Component: | Build | Assignee: | Alexey Gladkov <agladkov> |
| Status: | CLOSED ERRATA | QA Contact: | wewang <wewang> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 4.1.0 | CC: | adam.kaplan, aos-bugs, pweil, sponnaga, wzheng |
| Target Milestone: | --- | ||
| Target Release: | 4.1.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: |
Cause: One of the log messages included a dump of the structure that contained the credentials.
Consequence: credentials are visible in the log.
Fix: Don't dump whole structure.
Result: credentials are not visible in the log.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-06-04 10:46:44 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Runned a build and check the log, no issue now Verified in 4.0.0-0.ci-2019-04-11-185255 payload: registry.svc.ci.openshift.org/ocp/release@sha256:fdeeee0c19bd7b5873744dacf5859ac8adf0850961b7a449db839068f5ce7aef Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0758 |
Description of problem: Build log output shows docker credentials being used How reproducible: always Steps to Reproduce: 1. run a build 2. look at the build output Actual results: build output includes docker creds: Setting authentication for registry "image-registry.openshift-image-registry.svc:5000" using docker.AuthConfiguration{Username:"serviceaccount", Password:"eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJjaS1vcC00Y2hnd3NjciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJidWlsZGVyLXRva2VuLWIyeDk2Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImJ1aWxkZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiIwYmEzZTM1OS01NGMwLTExZTktYTMwZC0wMjVmYjU4NmQ0NGEiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6Y2ktb3AtNGNoZ3dzY3I6YnVpbGRlciJ9.Dj-vGq-ESY559jlHLlE0wE_Udw2fvcVyj7gK7_sydt4O0xONCCmemB7nePbz2AeVW_el8BHw8MiDpJ7hqg4ryfDvYkukCJhteYz1ob8uv84DqryGW0QH09PIG_3EtoWOSN8cGH_VxL02LNjxxTan1GcoozypZYRUuHT3ptPPcftDynPaGSPhnSjtvy3UKjIszPt5XkJydPHn0XCJpPBjHryKFfFMmRikftjXrYCUokbxozjElqPLqmvegwGiVM2c92KNBFFFpL1Y-pvObftIogKa2qnGwnbV7M5l1xg_7p9xKlOeLE-NLgSSsCYnI9jaNw87mQa80bA9hPDwhAj0Zw", Email:"serviceaccount", ServerAddress:"image-registry.openshift-image-registry.svc:5000"} Expected results: should not be dumping the docker auth block.