OIDC Provider Secrets are exposed in spotfire-server-config-job

[lczupryn-tibco]

BUG

OIDC Provider Secrets KEY and SECRET_KEY are exposed in pod: spotfire-server-config-job, container config-job stdout logger.

Expectation

Secrets are not printed out

[gmace-tibco]

• Can you give an example log showing where the secrets are being exposed? (Replace any secrets with xxx so you don't share them with us)
• What log level are you using (.Values.logLevel)?
• Are you setting the secret(s) as environment variables to the job via .Values.extraEnv* or are you passing in the secrets as part of the .Values.{command,preConfigCommmand,configuration}Scripts?
• If you are using .Values.configurationScripts, .Values.commandScripts or .Values.preConfigCommandScripts can you share the relevant values? Retract secret values and replace with xxx or similar.

[lczupryn-tibco]

Hi,

I have noticed that secrets are encrypted and happily not base64 so closing the issue - sorry for the noise