You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is no option available to specify a Secret for the Scanner password, meaning it has to be input in plaintext in a Helm values file or passed via command-line. But not all Helm deployment styles allow for command-line specification, requiring customization to do so. This is also a security issue as, in either case, the plaintext password is introspectable.
This seems like it may be difficult to provide here and may require upstream changes to the Scanner, because it seems to only accept password as command-line argument in the Chart's containers spec as well as per the Scanner executable docs. This may require it to accept an environment variable or volume mount as an alternative to the command-line argument.
The text was updated successfully, but these errors were encountered:
There is no option available to specify a Secret for the Scanner
password
, meaning it has to be input in plaintext in a Helm values file or passed via command-line. But not all Helm deployment styles allow for command-line specification, requiring customization to do so. This is also a security issue as, in either case, the plaintext password is introspectable.It would be much easier if the Scanner
password
could be specified as a Secret, similar to the Server's admin password or the Enforcer'senforcerToken
This seems like it may be difficult to provide here and may require upstream changes to the Scanner, because it seems to only accept
password
as command-line argument in the Chart's containers spec as well as per the Scanner executable docs. This may require it to accept an environment variable or volume mount as an alternative to the command-line argument.The text was updated successfully, but these errors were encountered: