noobaa-operator
noobaa-operator copied to clipboard
Sensitive data is printed in operator logs
I can see sensitive data printed in the logs.
Example:
time="2020-02-12T17:49:09Z" level=warning msg="using existing pool but connection mismatch &{Name:my-backingstore EndpointType:S3_COMPATIBLE Endpoint:http://jenia:80 Identity:KEY Secret:KEY AuthMethod:AWS_V4} pool &{Name:my-backingstore ResourceType:CLOUD Mode:INITIALIZING Region: PoolNodeType:BLOCK_STORE_S3 Undeletable: CloudInfo:0xc0002f5300 MongoInfo:
You can see the access_key (Identity) and secret_key (Secret). There are probably more prints.