False security issues in gitops-template #2034
Labels
bug
Something isn't working
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Which version of kubefirst are you using?
ALL
Which cloud provider?
None specific
Which DNS?
None specific
Which installation type?
None specific
Which distributed Git provider?
None specific
Did you use a fork of
gitops-template?No
Which Operating System?
None specific
What is the issue?
GitGuardian, and probably other security scanning tools are reporting security issues with the
gitops-templaterepository. Those are secrets we leak in some previous commit. Security-wise, they are not a concern as we either revoke the SSH key, or the username/password are not creating security risks.Still, we should remove the offending commits, and rebase to ensure they are not part of the Git history to prevent these type of tools to report those as security risks, since they are not. It is important as many companies are doing security assessments before using a product like ours, and they may not take the time to validate those with us, and dispatch our solution right away.
The task at hands are:
--username ${BASIC_AUTH_USER} --password ${BASIC_AUTH_PASS}instead of--username k-ray --password feedkraystarsCode of Conduct
The text was updated successfully, but these errors were encountered: