astefanutti commented on pull request #1912: URL: https://github.com/apache/camel-k/pull/1912#issuecomment-762198415
> I am making the development to exec into the kamel operator, however I am thinking about the possible security concerns. Should we allow the CLI to run an arbitrary command on the operator running pod? I am not sure it's a good choice.

It indeed has security concerns, and UX as a result. For that approach to work, the end-user has to have the permission to run the `exec` request. This is managed by Kubernetes RBAC, so the end-user has to be authorised. And then, he/she can run arbitrary commands.

Other options that I can think of would be:

- Expose a `version` endpoint: the operator already exposes HTTP endpoints for health and monitoring
- Simply add an annotation to the deployment with the version information

While the `exec` approach is more correct, these alternatives are probably less involved security and UX wise.

WDYT?
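The permission gap between the `exec` approach and the annotation alternative discussed in this comment, shown as two Kubernetes RBAC Roles. This is an added example, not part of the original comment or of the Camel K project; the Role names, the namespace and the Deployment name are hypothetical placeholders.

```yaml
# Added illustration; every name below is a hypothetical placeholder.
# Option A: permissions a CLI user needs for the `exec` approach.
# `create` on pods/exec is not limited to a version query: it allows
# running any command in any pod of the namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: version-via-exec
  namespace: example-namespace
rules:
  - apiGroups: [""]
    resources: ["pods"]
    verbs: ["get", "list"]        # needed to locate the operator pod
  - apiGroups: [""]
    resources: ["pods/exec"]
    verbs: ["create"]
---
# Option B: permissions a CLI user needs to read a version annotation
# from the operator Deployment. Read-only, and scoped to one object.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: version-via-annotation
  namespace: example-namespace
rules:
  - apiGroups: ["apps"]
    resources: ["deployments"]
    resourceNames: ["example-operator"]   # placeholder Deployment name
    verbs: ["get"]
```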
