polaris
null data in ConfigMap false positive as potentially sensitive content
What happened?
data: null in configMap is flagged for potentially sensitive content
apiVersion: v1
data: null
kind: ConfigMap
metadata:
  labels:
    app: cert-manager
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: cert-manager
    app.kubernetes.io/managed-by: Helmraiser
    app.kubernetes.io/name: cert-manager
    app.kubernetes.io/version: v1.13.2
    helm.sh/chart: cert-manager-v1.13.2
  name: cert-manager
  namespace: cert-manager
ConfigMap cert-manager-webhook in namespace cert-manager
sensitiveConfigmapContent ❌ Danger
Security - Potentially sensitive content is detected in the ConfigMap keys or values
ConfigMap cert-manager in namespace cert-manager
sensitiveConfigmapContent ❌ Danger
Security - Potentially sensitive content is detected in the ConfigMap keys or values
What did you expect to happen?
An empty-data configMap is expected to pass.
How can we reproduce this?
Run an audit against a configmap yaml with data: null
polaris audit --audit-path ./target/tanka/ --format=pretty --only-show-failed-tests --severity=danger
Version
Polaris version:9.0.1
I think data: null is being treated as a misconfiguration by the audit. Instead we can use data: {}
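The workaround suggested in the comment above can be applied to rendered manifests before they reach the audit. The following is an added example, not part of the issue and not Polaris code: the function name `normalize_null_data` and the sample manifest are assumptions, and whether `data: {}` passes the check is the commenter's claim.

```python
import re

# Document separators are captured so they can be written back unchanged.
DOC_SEP = re.compile(r"(^---(?:[ \t].*)?$)", re.M)
TOP_KIND = re.compile(r"^kind:[ \t]+ConfigMap[ \t]*$", re.M)
# Column-0 `data:` whose value is an explicit null (null/Null/NULL/~) or empty.
# Nested keys named `data` are indented, so they never match.
NULL_DATA = re.compile(
    r"^data:(?:[ \t]+(?P<null>null|Null|NULL|~))?(?:[ \t]+#.*)?[ \t]*$", re.M)


def _has_children(text_after: str) -> bool:
    """True if the next meaningful line is indented (a populated mapping)."""
    for line in text_after.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # skip blank lines and comments
        return line[0] in " \t"
    return False


def normalize_null_data(manifest: str) -> tuple[str, int]:
    """Rewrite null `data` to `data: {}` in ConfigMap documents only."""
    parts = DOC_SEP.split(manifest)  # even index: document, odd: separator
    changed = 0
    for i in range(0, len(parts), 2):
        doc = parts[i]
        m = NULL_DATA.search(doc)
        if m is None or not TOP_KIND.search(doc):
            continue  # other kinds (Secrets included) are left untouched
        if m.group("null") is None and _has_children(doc[m.end():]):
            continue  # `data:` followed by indented keys is not null
        parts[i] = doc[:m.start()] + "data: {}" + doc[m.end():]
        changed += 1
    return "".join(parts), changed


# Constructed sample: a trimmed copy of the reported ConfigMap plus a populated one.
SAMPLE = """\
apiVersion: v1
data: null
kind: ConfigMap
metadata:
  name: cert-manager
---
apiVersion: v1
data:
  log-level: info
kind: ConfigMap
"""

if __name__ == "__main__":
    fixed, count = normalize_null_data(SAMPLE)
    print(f"rewrote {count} ConfigMap(s)\n{fixed}")
```

The rewrite is text-based and only touches a top-level `data` key, so populated ConfigMaps and every other kind pass through byte-for-byte.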