`ensure-anchor-db` container is leaking DB credentials
Summary
When installing Anchore, the ensure-anchore-db
container runs a few SQL commands that ALTER
a user and the logs show the full username and password for the DB user in plaintext.
Steps to reproduce
(demonstrated in dogfood)
Install anchore, inspect the logs for ensure-anchor-db
.
What is the current behavior?
What is the expected behavior?
Don't show the password.
Possible fixes
Seems to come from https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise/-/blob/main/chart/templates/bigbang/db/ensure-anchore-db.yaml?ref_type=heads#L77
/cc @bkhamitov @snaq11092 @bimbola81 @fkqs @jasdeep.s.basra @dax.mcdonald @justin.carry @mucles