As things currently stand each users alertmanager configuration is stored as a plaintext JSON byte object in a postgres table. Since alertmanager configs contain api keys and passwords functionality should added to ensure the config is not stored as plaintext but instead an encrypted format of some type.
This bug is specific to the deprecated configs. With the new alertmanager API, secrets are stored in block-storage where the encryption is (can be) performed in the backend.
As things currently stand each users alertmanager configuration is stored as a plaintext JSON byte object in a postgres table. Since alertmanager configs contain api keys and passwords functionality should added to ensure the config is not stored as plaintext but instead an encrypted format of some type.