Description of problem: https://docs.openshift.com/container-platform/4.10/security/audit-log-policy-config.html#about-audit-log-profiles_audit-log-policy-config Version-Release number of selected component (if applicable): 4.* How reproducible: always Steps to Reproduce: 1. Set audit profile to WriteRequestBodies 2. Wait for api server rollout to complete 3. tail -f /var/log/kube-apiserver/audit.log | grep routes/status Actual results: Write events to routes/status are recorded at the RequestResponse level, which often includes keys and certificates. Expected results: Events involving routes should always be recorded at the Metadata level, per the documentation at https://docs.openshift.com/container-platform/4.10/security/audit-log-policy-config.html#about-audit-log-profiles_audit-log-policy-config Additional info:
Hi Team, shall we please have a rough ETA or plans for this bug/complaince issue?
Hello team, Could we please have an estimation of when this is going to be fixed? We have a customer thas has inquired about this.
kewang, can you please check to see if you can repro it on 4.9.25?
gilins, > I think Grant has been able to reproduce that on a 4.9.25 cluster. can Grant share the actual audit event that has the cert/key (redacted)?
dpunia, I set the target version to 4.12.0, I believe qe can start testing it now.
I fixed it, this is the 4.12.0 bug https://issues.redhat.com//browse/OCPBUGS-3293
Depends on https://issues.redhat.com/browse/OCPBUGS-3290
Dear reporter, we greatly appreciate the bug you have reported here. Unfortunately, due to migration to a new issue-tracking system (https://issues.redhat.com/), we cannot continue triaging bugs reported in Bugzilla. Since this bug has been stale for multiple days, we, therefore, decided to close this bug. If you think this is a mistake or this bug has a higher priority or severity as set today, please feel free to reopen this bug and tell us why. We are going to move every re-opened bug to https://issues.redhat.com. Thank you for your patience and understanding.