We are looking for a way to scan all ConfigMaps in our clusters for leaked secrets. Initially we thought that the exposed secret feature of the operator would do what we wanted because it kinda sounds like that, but it scans images, whereas we want to scan ConfigMaps with something like gitleaks to check that no secret was accidentally placed inside a ConfigMap instead of a Secret resource.
I've read the docs about writing our own config audit policy, but I think re-implementing something like gitleaks in Rego would be difficult to accomplish. Would this be something the operator might support?
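As an added illustration of the check requested above (not code from the issue author or the operator project), the sketch below runs a few gitleaks-style rules over a ConfigMap list. The rule set, the `MIN_ENTROPY` threshold, the function names and the sample data are all assumptions made for this example.

```python
import math
import re
from collections import Counter

# Illustrative rules only; gitleaks ships a far larger, maintained rule set.
RULES = {
    "aws-access-key-id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "private-key-block": re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
    "credential-assignment": re.compile(
        r"(?i)(?:password|passwd|secret|token|api[_-]?key)\w*[ \t]*[:=][ \t]*"
        r"['\"]?([^\s'\"]{8,})"),
}
MIN_ENTROPY = 3.0  # assumed threshold (bits/char) for captured values

def entropy(s):  # Shannon entropy in bits per character
    return -sum(n / len(s) * math.log2(n / len(s)) for n in Counter(s).values())

def scan_configmaps(doc):
    """Return findings for a ConfigMapList (shape of `kubectl ... -o json`)."""
    findings = []
    for cm in doc.get("items", []):
        meta = cm.get("metadata", {})
        for key, value in (cm.get("data") or {}).items():
            text = f"{key}={value}"  # scan the key too: DB_PASSWORD -> value
            for rule, rx in RULES.items():
                for m in rx.finditer(text):
                    hit = m.group(m.lastindex or 0)
                    if m.lastindex and entropy(hit) < MIN_ENTROPY:
                        continue  # placeholder-like value, e.g. "aaaaaaaa"
                    findings.append({
                        "namespace": meta.get("namespace"), "configmap": meta.get("name"),
                        "key": key, "rule": rule,
                        "match": hit[:4] + "...",  # never log the full secret
                    })
    return findings

# Constructed sample; the AWS key is AWS's published documentation example.
SAMPLE = {"items": [
    {"metadata": {"namespace": "prod", "name": "app-config"}, "data": {
        "application.properties":
            "server.port=8080\nspring.datasource.password=Zq8#vT2m!Lx9Rw4k\n"}},
    {"metadata": {"namespace": "build", "name": "ci-env"},
     "data": {"AWS_ACCESS_KEY_ID": "AKIAIOSFODNN7EXAMPLE"}},
    {"metadata": {"namespace": "prod", "name": "feature-flags"},
     "data": {"password_min_length": "12", "LOG_LEVEL": "info"}},
]}

if __name__ == "__main__":
    print(*scan_configmaps(SAMPLE), sep="\n")
```

Against a real cluster the input would be the parsed output of `kubectl get configmaps -A -o json`; `binaryData` entries are not covered by this sketch.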