DB username, password and DB name disclosed publicly

[Farhan-16]

Hi,

Below URL is disclosing the DB username, password and DB name, https://github.com/TIBCOSoftware/js-docker/blob/master/kubernetes/helm/values.yaml

This doesn't seem like the best possible practice.

Thank you Farhan Patil

[ericjohnson-tibco]

Indeed - perhaps we can comment out the username, password, and DB name, so that customers are forced to enter their own versions, rather than accidentally using the defaults that we've provided?

[sgwood63]

These sorts of values always have to be updated for the individual environment as outlined here: https://github.com/TIBCOSoftware/js-docker/tree/master/kubernetes#configure-the-jasperreports-server-service I will make these generic.

This Helm chart needs to be updated for JasperReports Server 7.5 and the multiple images used for k8s. See https://github.com/TIBCOSoftware/js-docker/tree/master/kubernetes

On Fri, Apr 3, 2020 at 8:50 AM Eric Johnson [email protected] wrote:

Indeed - perhaps we can comment out the username, password, and DB name, so that customers are forced to enter their own versions, rather than accidentally using the defaults that we've provided?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/TIBCOSoftware/js-docker/issues/33#issuecomment-608517645, or unsubscribe https://github.com/notifications/unsubscribe-auth/ADCUC6AECXFNOPNS5LH4PKLRKYAT3ANCNFSM4L3NCCYQ .

--

Sherman Wood Principal Architect, Engineering TIBCO Jaspersoft | M +1 415 516-4894 <%2B1%20518%20322%201486> | E [email protected] |

www.jaspersoft.com | community.jaspersoft.com | tibco.com http://www.tibco.com

[ysavoche]

this issue is resolved in the v8.0.0 release