-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Defend against logging secrets via static analysis #1933
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Comments
/sig instrumentation /wg security audit |
@PurelyApplied: The label(s) In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/wg "security audit" |
@PurelyApplied: The label(s) In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Looks like @wg-security-audit tag doesn't exist yet - I'll see if we can do something about that. |
Enhancements Lead here. Any plans for this to be alpha/beta/stable in 1.20? Thanks! |
We would like to see this included in 1.20 with #1753, assuming it is approved and merged before the enhancements freeze. |
great we will track for now and just let us know if anything changes. thank you! /milestone v1.20 |
As a note, since I see that the KEP draft is provisional to be included in a release by enhancements freeze: The KEP must be merged in an implementable state |
Duly noted. I've updated the KEP's Graduation Criteria to reflect a 1.20 target for Alpha. Proof-of-concept implementations can be found at /kubernetes#94661 and /test-infra#19181. We plan to iterate on these soon, including fleshing out testing / test plans on both sides. Graduation criteria has been clarified. |
Rather belatedly... /wg security-audit |
Awesome, thank you!! Also the KEP should be updated to reflect an implementable state by Enhancements Freeze (Oct 6th) it is currently provisional: https://github.com/kubernetes/enhancements/pull/1936/files#diff-83bc478e0a3c00961b8e714c26c541ed |
#1936 merged! Updating sheet to tracked! |
Hi @PurelyApplied , Since your Enhancement is scheduled to be in 1.20, please keep in mind the important upcoming dates:
As a reminder, please link all of your k/k PR as well as docs PR to this issue so we can track them. Regards, |
Hello @PurelyApplied 👋 , 1.20 Docs lead here. Does this enhancement work planned for 1.20 require any new docs or modification to existing docs? If so, please follows the steps here to open a PR against Also, take a look at Documenting for a release to get yourself familiarize with the docs requirement for the release. Thank you! |
The docs placeholder deadline is almost here. Please make sure to create a placeholder PR against the Also, please keep in mind the important upcoming dates:
As a reminder, please link all of your k/k PR as well as docs PR to this issue for the release team to track. |
@annajung Thanks for the reminder. None of the other |
Thanks for the update! I will update the tracking sheet accordingly. |
/stage stable |
Hi @PurelyApplied, 1.23 Enhancements Shadow here. Just a friendly reminder that Code Freeze is approaching on November 16th at 6:00 pm PST. The current status of this enhancement is Thanks! |
Hi @PurelyApplied , could you please point me to your k/k code PR's for the 1.23 relase. Is it: |
Hi @gracenng, sorry I missed last week's ping. Yes, all KEP-1933 code in k/k is the k/k/hack/tools/ as test targets for Prow. Is |
Hi @PurelyApplied, |
Hi @PurelyApplied , 1.24 Enhancements Lead here. Could you please update this enhancements's KEP status to Thanks :) |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
Oooof. Four months late, but yeah, this has been implemented and landed for a good while now. Relabeling and closing. /stage implemented |
Is the work really complete? Is verify-govet-levee.sh run somewhere? It's not part of |
According to the KEP:
I don't think it does... so: /reopen |
@pohly: Reopened this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
It did run, in its own job. I'm currently cleaning that up. I suppose once that is complete, we can consider this issue resolved. |
Enhancement Description
Defend against logging secrets via static analysis
Please keep this description up to date. This will help the Enhancement Team to track the evolution of the enhancement efficiently.
History:
verify-all.sh
: Exclude KEP-1933 from verify-all.sh until after alpha status. kubernetes#96235The text was updated successfully, but these errors were encountered: