Open shayancanonical opened 1 month ago
Code scanning does not provide any warnings related to the tls_certificates charmlib like https://github.com/canonical/mysql-router-k8s-operator/security/code-scanning/3. The warning is for Clear-text logging of sensitive data
tls_certificates
Clear-text logging of sensitive data
There is a warning that is valid - the tls_certificates charm lib v1 is logging certificates from the databag. We need to upgrade to charm lib v2 to avoid this leak.
https://warthogs.atlassian.net/browse/DPE-4739
github-actions[bot]
commented
1 month ago
Expected behavior
Code scanning does not provide any warnings related to the
tls_certificatescharmlib like https://github.com/canonical/mysql-router-k8s-operator/security/code-scanning/3. The warning is forClear-text logging of sensitive dataActual behavior
There is a warning that is valid - the
tls_certificatescharm lib v1 is logging certificates from the databag. We need to upgrade to charm lib v2 to avoid this leak.