germelindam opened a new issue, #6980: URL: https://github.com/apache/incubator-devlake/issues/6980
### Search before asking - [X] I had searched in the [issues](https://github.com/apache/incubator-devlake/issues?q=is%3Aissue) and found no similar issues. ### What happened We are deploying Devlake in an Azure Kubernetes Cluster and in the deployment manifest DB_URL along with other necessary environment variables are mounted as secrets. Even though they are set as kubernetes secrets, if the secret value is wrong, in this case DB_URL, it is being logged in plaintext. The message received in the logs is: invalid DB_URL: plaintext_value. This should not be the case as the DB_URL contains sensitive information like the username and password to login. ### What do you expect to happen Please consider encrypting DB_URL so it doesn't log in plaintext. ### How to reproduce - Create kubernetes manifest deployment for Devlake. - Store DB_URL as secret in Azure Keyvault - Mount the DB_URL secret in the deployment - Have an incorrect DB_URL value - Look at container logs - When DB_URL is wrong it panics and outputs plaintext value. ### Anything else Every time ### Version v0.19.0 ### Are you willing to submit PR? - [ ] Yes I am willing to submit a PR! ### Code of Conduct - [X] I agree to follow this project's [Code of Conduct](https://www.apache.org/foundation/policies/conduct) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
