New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Components logs sanitization #3889
Comments
/milestone v0.4.0 |
@vincepri: Please ensure the request meets the requirements listed here. If this request no longer meets these requirements, the label can be removed In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Quoting from the proposal the implementation plan Alpha (1.20)
I think we should postpone this after 1.21, when performance issues are addressed |
/milestone Next |
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-contributor-experience at kubernetes/community. |
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-contributor-experience at kubernetes/community. |
/remove-lifecycle rotten |
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-contributor-experience at kubernetes/community. |
/lifecycle frozen |
I think this PR #6072 could provide us the sanitizing functionality in logging, so that we only have to go over the structs and tag them (if there are any) |
/assign I'll re-evaluate once when/if the JSON log format PR is merged. |
The upstream dynamic log sanitization filter has been deprecated and will be removed (Deprecation PR). The tags are still used and there is a KEP for static analysis: https://github.com/kubernetes/enhancements/tree/master/keps/sig-security/1933-secret-logging-static-analysis It sounds interesting, but we have to test if it makes sense for us. |
given that in CAPI we are storing all sensitive info in secrets, I'm leaning towards closing this issue (decorating types and running the static analysis won't provide a great signal). |
The static analysis is pretty fancy. I would keep the issue for now, I just want to try the linter at some point. |
I took another look. The tool itself looks interesting, but I couldn't get it to work. It also looks like upstream Kubernetes has issues with Go 1.19 and levee and requires fixes in a Go lib to get it to work again. I even couldn't get it to work with Go 1.18 locally. So overall I agree, given that almost all our secrets are in Secrets and we have a lot of untyped JSON patches in which secrets basically can't be detected I would close this issue as the benefit doesn't outweigh the effort to get it to work and to maintain it over time. /close |
@sbueringer: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
User Story
As a user, I would like Cluster API adopts the same logs sanitization rules used in Kubernetes
Detailed Description
Wtih KEP-1753: Kubernetes system components logs sanitization Kubernetes is introducing a set of sanitization rules leveraging on klog and golang tags.
Those tags will be used for ensuring this data will not be written to logs by Kubernetes system components.
List of datapolicy tags available:
security-key
- for TLS certificate keys. Keywords: key, cert, pemtoken
- for HTTP authorization tokens. Keywords: token, secret, header, authpassword
- anything passwordlike. Keywords: passwordAnything else you would like to add:
/kind feature
/sig instrumentation security
The text was updated successfully, but these errors were encountered: