-
Notifications
You must be signed in to change notification settings - Fork 130
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Users should not supply auth token in chains-config configMap in plaintext #1074
Comments
Agreed. We should make this a secret ref (though for backwards compatibility probably needs to be a new field) |
@lcarva did you propose |
I believe @PuneetPunamiya did during one of the Chains WG meeting. There was unanimous agreement among the Chains maintainers IIRC. |
ack, sounds good :) i agree with the solution and it solves similar issues as users are facing with |
Feature request
As of today vault token is supplied via the
signers.kms.kmsref.auth.token
field which is not very ideal as it stores the token in clear textThis can also be true for other tokens as well
The text was updated successfully, but these errors were encountered: