You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The text was updated successfully, but these errors were encountered:
nnaik25
changed the title
Clickhouse operator logging issue : Password hash data getting printed in logs
Clickhouse operator Logs Security issue : Password hash data getting printed in logs
May 9, 2024
Environment - Kubenetes
Context:
https://github.com/Altinity/clickhouse-operator/blob/master/docs/chi-examples/01-simple-layout-01-1shard-1repl.yaml
https://github.com/Altinity/clickhouse-operator/blob/master/deploy/helm/clickhouse-operator/values.yaml
Issue :
During clickhouse operator pod startup, we see below log printed that contains Password hash info ( https://github.com/Altinity/clickhouse-operator/blob/master/docs/chi-examples/01-simple-layout-01-1shard-1repl.yaml#L9) .
This is an security issue
Requirement:
Is there a way to supress below log??
clickhouse-operator/pkg/controller/chi/worker.go
Line 564 in bbbf66a
I0509 07:00:44.416333 1 worker.go:559] dev1-ranch2/htel-clickhouse-server:logCHI non-normalized yet (native) new start--------------------------------------------:
non-normalized yet (native) new
logCHI kind: ClickHouseInstallation
apiversion: clickhouse.altinity.com/v1
metadata:
name: clickhouse-server
generatename: ""
selflink: ""
uid: 1c58fabd-0d0f-4898-8dee-1e0721dc7050
resourceversion: "165597788"
generation: 2
creationtimestamp: "2024-04-29T23:49:12Z"
deletiontimestamp: null
deletiongraceperiodseconds: null
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"clickhouse.altinity.com/v1","kind":"ClickHouseInstallation","metadata":{"annotations":{},"name":"clickhouse-server","namespace":"xxxxxx"},"spec":{"configuration":{"clusters":[{"layout":{"replicasCount":1,"shardsCount":1},"name":"xxxx","templates":{"podTemplate":"pod-template-with-volumes"}}],"users":{"clickhouse_operator/networks/ip":["::/0"],"clickhouse_operator/password_sha256_hex":"7e734de19505e2509bb9a11dad2c45cfcdfdacedb581c385bb286f9008092c65","clickhouse_operator/profile":"clickhouse_operator","clickhouse_operator/quota":"default
The text was updated successfully, but these errors were encountered: