Description of problem: Customer has concerns over the display of authentication/passwords in flat configuration files: # cat /etc/origin/master/session-secrets.yaml apiVersion: v1 kind: SessionSecrets secrets: - authentication: "<SECRET>" encryption: "<SECRET>" Hide Section - Tags Version-Release number of selected component (if applicable): 3.4.0 How reproducible: Default with the product Actual results: Data is in a flat file Expected results: Data would be more encrypted, not "out in the open"
Session secrets are managed by the authn operator in 4.x and use randomly generated keys.
Since auth config will not be stored in a file on disk like this in 4.0, move this to verify.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0758