-
Notifications
You must be signed in to change notification settings - Fork 7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: Remove log message about resolving symlink. #13015
base: main
Are you sure you want to change the base?
Conversation
This log message is very spammy is building many helm charts. Signed-off-by: Connor Hindley <connor.hindley@tanium.com>
f56e962
to
c2a8a12
Compare
The reason for the logging is due to accidental disclosure. Imaging someone creates a chart with a symlink to something in Symlink handling has been part of the discussion in our security audits because of the danger of misuse. I understand the atypical setup you have, @connyay. Any idea how to inform Helm users (who are often not chart creators) without filling your logs? |
Thanks for the review! Makes sense. I’d be happy with an env var or cli flag to suppress this log message. Would that be acceptable? If so, any recommendations on naming or patterns? Something like ‘HELM_SUPPRESS_SYMLINK_LOG’? |
I added this topic to this weeks developer call on Thursday. Will come back to this after discussing it there. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We discussed this in the Helm developer call for May 23, 2024. The consensus was that we would be interested in a general log filtering mechanism instead of this specific one. If we have a flag to filter this one log message than others will ask to filter others with flags. We would want a general filtering capability.
It would essentially be like helm <commands and arguments> | grep -v "<log message to filter>"
Given that this is notification is there for security and possible abuses, we have concerns around a general flag that could easily be picked up in copy/paste commands for use with Helm.
Helm has documented audiences and the application operator (i.e. chart user) is the highest priority user. Most often, these users are getting their charts from someone else.
This log message is very spammy when building many helm charts.
What this PR does / why we need it:
This pr removes a log message about resolving symlinks.
Special notes for your reviewer:
If applicable: