You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When kubeadm init is used in an automated context, it still prints the token to standard out. When standard output ends up in a log file, it can be cosidered that token is leaked there and can be compromised. We could simply avoid this by either detecting a non-interactive terminal and thereby not printing the join command to the standard output, or have a flag to explicitly disable this behaviour.
The text was updated successfully, but these errors were encountered:
Automatic merge from submit-queue (batch tested with PRs 44601, 44842, 44893, 44491, 44588)
kubeadm: add flag to skip token print out
**What this PR does / why we need it**: When kubeadm init is used in an automated context, it still prints the token to standard out. When standard output ends up in a log file, it can be considered that the token is leaked there and can be compromised. This PR adds a flag you can select to not have it print out and explicitly disable this behavior.
This is a continuation from #42823 since it had to be closed.
**Which issue this PR fixes** : fixes #kubernetes/kubeadm#160
**Special notes for your reviewer**: /cc @luxas@errordeveloper
**Release note**:
```release-note
NONE
```
When
kubeadm init
is used in an automated context, it still prints the token to standard out. When standard output ends up in a log file, it can be cosidered that token is leaked there and can be compromised. We could simply avoid this by either detecting a non-interactive terminal and thereby not printing the join command to the standard output, or have a flag to explicitly disable this behaviour.The text was updated successfully, but these errors were encountered: