Provide ability to hide defined annotations in ArgoCD web UI #15693
Labels
component:ui
User interfaces bugs and enhancements
enhancement
New feature or request
Open Bounty
This describes issues with a bounty.
security
Security related
Comments
crenshaw-dev
added
security
|
Related: #5201 |
|
A $100 bounty is available for whoever implements this feature!
This is our first feature bounty, so please be patient as we work through the bugs in our system. :-) Bounties will be paid out on Argoproj's behalf by HackerOne and will be subject to the limitations of their payment system. |
This was referenced May 14, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Issue Description
We have configured our cluster to run with Docker pull secrets, which creates a secret for each service account (dockercfg).
Normally, ArgoCD hides all secret data using
diff.HideSecretData, including the annotationlast-applied-configuration(source).However, when using pull secrets, the
dockercfgsecret creates an annotationopenshift.io/token-secret.valuethat contains the service account’s access token.Request
It would be great to have the ability to define a list of annotations that should not be shown in the ArgoCD web UI on the system level. This feature would improve security and privacy for users who are working with secrets and annotations in ArgoCD.
The text was updated successfully, but these errors were encountered: