abalage opened a new issue, #1472:
URL: https://github.com/apache/apisix-ingress-controller/issues/1472

   ### Issue description
   
   I have changed the default admin key in apisix and apisix-ingress-controller.
   Checking the logs of the ingress controller, it logs the new admin token in plain text.
   As container logs are usually collected and shipped to third-party systems, this leaks sensitive data.
   
   Issue is moved from apache/apisix-helm-chart#396
   
   ### Environment
   
   - your apisix-ingress-controller version:
   ```
   # /ingress-apisix/apisix-ingress-controller version --long
   Version: 1.5.0
   Git SHA: no-git-module
   Go Version: go1.19.2
   Building OS/Arch: linux/amd64
   Running OS/Arch: linux/amd64
   ```
   - your Kubernetes cluster version (output of kubectl version):
   ```
   v1.23.7
   ```
   
   
   ### Minimal test code / Steps to reproduce
   
   1. Change admin keys according to the [FAQ](https://github.com/apache/apisix-ingress-controller/blob/master/docs/en/latest/FAQ.md#how-do-i-modify-the-admin-api-key-in-apisix-ingress).
   2. Check application logs.
   3. Look for `default_cluster_admin_key` and compare its value with the admin key you have just set.
   
   ### Actual result
   
   Ingress logs contain the admin key in plain text at the very beginning of the log file.
   
   Snippet generated by `helm template` on release `0.11.2`.
   ```
   apiVersion: v1
   data:
     config.yaml: |
       # log options
       log_level: "info"
       log_output: "stderr"
       cert_file: "/etc/webhook/certs/cert.pem"
       key_file: "/etc/webhook/certs/key.pem"
       http_listen: ":8080"
       https_listen: ":8443"
       ingress_publish_service:
       enable_profiling: false
       apisix-resource-sync-interval: 300s
       kubernetes:
         kubeconfig: ""
         resync_interval: "6h"
         app_namespaces:
         - "cddmp"
         namespace_selector:
         - ""
         election_id: "ingress-apisix-leader"
         ingress_class: "apisix"
         ingress_version: "networking/v1"
         watch_endpointslices: false
         apisix_route_version: "apisix.apache.org/v2"
         enable_gateway_api: false
       apisix:
         default_cluster_base_url: http://apisix-admin.foobar.svc.cluster.local:9180/apisix/admin
         default_cluster_admin_key: "newsecrettoken"
         default_cluster_name: "default"
   kind: ConfigMap
   metadata:
     name: apisix-configmap
     namespace: cddmp
     labels:
       helm.sh/chart: ingress-controller-0.10.1
       app.kubernetes.io/name: ingress-controller
       app.kubernetes.io/instance: apisix
       app.kubernetes.io/version: "1.5.0"
       app.kubernetes.io/managed-by: Helm
   ```
   
   ### Error log
   
   ```
   2022-11-17T18:43:52+08:00    info   ingress/ingress.go:113  apisix ingress controller started
   2022-11-17T18:43:52+08:00    info   ingress/ingress.go:115  version:
   Version: 1.5.0
   Git SHA: no-git-module
   Go Version: go1.19.2
   Building OS/Arch: linux/amd64
   Running OS/Arch: linux/amd64
   
   2022-11-17T18:43:52+08:00    info   ingress/ingress.go:121  use configuration
   {
        "cert_file": "/etc/webhook/certs/cert.pem",
        "key_file": "/etc/webhook/certs/key.pem",
        "log_level": "info",
        "log_output": "stderr",
        "http_listen": ":8080",
        "https_listen": ":8443",
        "ingress_publish_service": "",
        "ingress_status_address": [],
        "enable_profiling": false,
        "kubernetes": {
                "kubeconfig": "",
                "resync_interval": "6h0m0s",
                "app_namespaces": [
                        "cddmp"
                ],
                "namespace_selector": [],
                "election_id": "ingress-apisix-leader",
                "ingress_class": "apisix",
                "ingress_version": "networking/v1",
                "watch_endpoint_slices": false,
                "apisix_route_version": "apisix.apache.org/v2",
                "api_version": "apisix.apache.org/v2",
                "enable_gateway_api": false
        },
        "apisix": {
                "default_cluster_name": "default",
                "default_cluster_base_url": "http://apisix-admin.foobar.svc.cluster.local:9180/apisix/admin",
                "default_cluster_admin_key": "newsecrettoken"
        },
        "apisix-resource-sync-interval": "5m0s"
   }
   ```
   
   ### Expected result
   
   Logging sensitive data is unacceptable in production systems. Either it should be prevented or masked.
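One way to get the masking the report asks for, as an added example that is not code from the apisix-ingress-controller project: give credential fields a dedicated string type whose JSON and `fmt` renderings are always masked, so a "use configuration" dump like the one at `ingress/ingress.go:121` cannot print the raw key no matter who marshals it. The struct below is a hypothetical, cut-down mirror of the logged config (only the keys that matter here), and the sample values are constructed from the report.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Secret is a string whose default renderings are masked. Logging code that
// marshals the config to JSON or prints a field with %v/%s gets "***"; only an
// explicit Expose() call yields the raw value, which keeps every raw use greppable.
type Secret string

// String masks the value for fmt (empty stays empty so an unset key is visible).
func (s Secret) String() string {
	if s == "" {
		return ""
	}
	return "***"
}

// MarshalJSON masks the value for encoding/json, including nested fields.
func (s Secret) MarshalJSON() ([]byte, error) {
	return json.Marshal(s.String())
}

// Expose returns the real credential for use in the Admin API client.
func (s Secret) Expose() string {
	return string(s)
}

// APISIXConfig and Config are hypothetical, trimmed mirrors of the keys in the
// logged configuration; the real project's types differ.
type APISIXConfig struct {
	DefaultClusterName     string `json:"default_cluster_name"`
	DefaultClusterBaseURL  string `json:"default_cluster_base_url"`
	DefaultClusterAdminKey Secret `json:"default_cluster_admin_key"`
}

type Config struct {
	LogLevel string       `json:"log_level"`
	APISIX   APISIXConfig `json:"apisix"`
}

// LogSafeJSON renders the configuration for a startup log line; because the
// credential field is a Secret, the raw key never reaches the log sink.
func LogSafeJSON(c Config) (string, error) {
	b, err := json.MarshalIndent(c, "", "  ")
	if err != nil {
		return "", err
	}
	return string(b), nil
}

// ContainsSecret is the check a unit test or log scanner can run over any emitted
// line: true when the raw credential appears verbatim.
func ContainsSecret(logLine, secret string) bool {
	return secret != "" && strings.Contains(logLine, secret)
}

func main() {
	// Constructed sample mirroring the values in the report.
	cfg := Config{
		LogLevel: "info",
		APISIX: APISIXConfig{
			DefaultClusterName:     "default",
			DefaultClusterBaseURL:  "http://apisix-admin.foobar.svc.cluster.local:9180/apisix/admin",
			DefaultClusterAdminKey: Secret("newsecrettoken"),
		},
	}
	out, err := LogSafeJSON(cfg)
	if err != nil {
		panic(err)
	}
	fmt.Println("use configuration", out)
	fmt.Println("leaks raw key:", ContainsSecret(out, cfg.APISIX.DefaultClusterAdminKey.Expose()))
	// The client still gets the real key through Expose().
	fmt.Println("client key length:", len(cfg.APISIX.DefaultClusterAdminKey.Expose()))
}
```

The type-based approach is preferable to redacting in the logging call site, because a future `log.Infof("%+v", cfg)` or a second JSON dump added elsewhere is masked by default rather than relying on someone remembering to scrub it. `ContainsSecret` is the kind of assertion worth keeping in the controller's test suite: start it with a known key, capture the log buffer, and fail if the key appears.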