lensapp / lens

Lens - The way the world runs Kubernetes
https://k8slens.dev/
MIT License

Lens App Does Not Correctly Decode Secrets #8084

Open Richard-Barrett opened 2 months ago

Richard-Barrett commented 2 months ago

Describe the bug

The lens app does not properly decode secrets. It should be using JSON Path instead of just the base64 -d command against the secret.

To Reproduce

Steps to reproduce the behavior:

  1. Go to secrets
  2. Look at the secrets

Expected behavior

Lens should properly decode the secrets, so that if someone wants to re-use the secret they are not copying over extra zeroes and slashes. It cost me two days for an analysis, and I had to basically write a bash script to filter and parse all secrets in a cluster because someone used your application to make another secret that locked out a service account on Artifactory!

Screenshots

NA

Environment (please complete the following information):

Logs: NA

Kubeconfig: Quite often the problems are caused by malformed kubeconfig which the application tries to load. Please share your kubeconfig, remember to remove any secret and sensitive information.

THIS HAS NOTHING TO DO WITH A KUBECONFIG BUT INSTEAD IS THE WAY IN WHICH THE LOGIC OF THE APPLICATION IS WRITTEN

Additional context

Fix the decoding process to use JSONPATH to get the actual secret instead of just decoding them with base64 or the library.
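Added example, not part of the original issue and not Lens code: one way to audit Secrets for values that would break when re-used, run here over constructed data shaped like `kubectl get secrets -A -o json` output. It assumes the "extra zeroes and slashes" described above appear as stray backslash, control or whitespace bytes in the decoded value; `audit`, `findings_for` and the sample secret names are hypothetical. Only key names and finding labels are reported, never decoded values.

```python
import base64
import binascii
import json

def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")

# Constructed sample shaped like `kubectl get secrets -A -o json` output.
SAMPLE = json.dumps({
    "kind": "List",
    "items": [
        {"metadata": {"namespace": "ci", "name": "artifactory-ok"},
         "data": {"password": _b64(b"s3cr3t-value")}},
        {"metadata": {"namespace": "ci", "name": "artifactory-copied"},
         "data": {"password": _b64(b"s3cr3t-value\\0\n"),  # assumed corruption
                  "token": "not base64!"}},
    ],
})

def findings_for(raw: bytes) -> list[str]:
    """Label suspicious bytes in a decoded value without exposing the value."""
    found = []
    if raw != raw.strip():
        found.append("leading/trailing whitespace")
    if b"\\" in raw:
        found.append("backslash")
    if any(b < 0x20 or b == 0x7F for b in raw.strip()):
        found.append("control byte")
    return found

def audit(secret_list_json: str) -> list[tuple[str, str, str, list[str]]]:
    """Return (namespace, name, key, labels) for every value worth a second look."""
    report = []
    for item in json.loads(secret_list_json).get("items", []):
        meta = item["metadata"]
        for key, encoded in (item.get("data") or {}).items():
            try:
                # Secret `data` values are base64; reject anything that is not.
                raw = base64.b64decode(encoded, validate=True)
            except (binascii.Error, ValueError):
                report.append((meta["namespace"], meta["name"], key, ["invalid base64"]))
                continue
            labels = findings_for(raw)
            if labels:
                report.append((meta["namespace"], meta["name"], key, labels))
    return report

if __name__ == "__main__":
    for ns, name, key, labels in audit(SAMPLE):
        print(f"{ns}/{name} [{key}]: {', '.join(labels)}")
```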

Tixon123 commented 2 months ago

Hello Richard-Barrett,

Thank you for reaching out to Lens support!

Thank you for reporting a bug.

We are working on your issue. Stand by for further updates.

Best Regards,
Tikhon Kudinov
Lens Support Engineer
Mirantis, Inc