devshawn / kafka-gitops

🚀Manage Apache Kafka topics and generate ACLs through a desired state file.
https://devshawn.github.io/kafka-gitops
Apache License 2.0
317 stars 71 forks

kafka-gitops should never output passwords #96

Open oocx opened 1 year ago

oocx commented 1 year ago

When I run kafka-gitops with -v, it outputs username and password in plain text:

kafka-gitops-grxt4 kafka-gitops 07:02:35.026 [main] INFO com.devshawn.kafka.gitops.config.KafkaGitopsConfigLoader - Kafka Config: {sasl.mechanism=PLAIN, sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required username="my-username" password="my-password";, bootstrap.servers=..., sasl.enabled.mechanisms=PLAIN, client.id=kafka-gitops}

If I run kafka-gitops as part of a job in our Kubernetes cluster, the password will end up in our log files.

kafka-gitops should never print credentials to avoid leaking them to logs.

joschi commented 1 year ago

Duplicates #93

joschi commented 1 year ago

@oocx If you're still interested, this issue should have been fixed in https://github.com/joschi/kafka-gitops/releases/tag/0.2.16.
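
One way to keep secrets out of a config dump like the one in the report, shown as an added example (it is not kafka-gitops code and not the change in the linked release): copy the config and mask password-like values before the map reaches a logger. The class name, the mask text, the key-suffix heuristic and the sample broker address are assumptions of this example.

```java
import java.util.Locale;
import java.util.Map;
import java.util.Properties;
import java.util.TreeMap;
import java.util.regex.Pattern;

// Added example: redact secrets from a Kafka client config before logging it.
public class KafkaConfigRedactor {
    private static final String MASK = "[redacted]";

    // Matches JAAS options such as password="..." or clientSecret=abc inside
    // sasl.jaas.config; group 1 is the option name, group 2 the secret value.
    private static final Pattern JAAS_SECRET = Pattern.compile(
            "(?i)(\\w*(?:password|secret)\\w*)\\s*=\\s*(\"(?:[^\"\\\\]|\\\\.)*\"|[^\\s;]+)");

    // Returns a sorted copy that is safe to log; the input map is not modified.
    public static Map<String, String> redact(Map<?, ?> config) {
        Map<String, String> safe = new TreeMap<>();
        for (Map.Entry<?, ?> e : config.entrySet()) {
            String key = String.valueOf(e.getKey());
            String value = String.valueOf(e.getValue());
            String lower = key.toLowerCase(Locale.ROOT);
            if (lower.endsWith("password") || lower.endsWith("secret")) {
                // Assumed heuristic: covers keys like ssl.keystore.password.
                value = MASK;
            } else if (lower.endsWith("sasl.jaas.config")) {
                // Keep the login module and username, mask only the secret options.
                value = JAAS_SECRET.matcher(value).replaceAll("$1=\"" + MASK + "\"");
            }
            safe.put(key, value);
        }
        return safe;
    }

    public static void main(String[] args) {
        // Constructed config mirroring the log line in the report.
        Properties config = new Properties();
        config.put("sasl.mechanism", "PLAIN");
        config.put("sasl.jaas.config",
                "org.apache.kafka.common.security.plain.PlainLoginModule required "
                        + "username=\"my-username\" password=\"my-password\";");
        config.put("bootstrap.servers", "broker.example:9092"); // constructed placeholder
        config.put("ssl.truststore.password", "changeit");      // constructed value
        config.put("client.id", "kafka-gitops");
        System.out.println("Kafka Config: " + redact(config));
    }
}
```

Masking at the point where the config is logged protects every log level; logs written before such a change still contain the credential, so rotating it is the only reliable cleanup.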