-
Epic
-
Resolution: Done
-
Medium
-
None
-
Password removal from OOM HELM charts
-
1
As discovered in ONAP Casablanca pentest (and confirmed in latest version) OOM contains a lot of different passwords. There are 3 issues related to this:
1) Some of passwords are stored in resource files rather than in secrets
2) The same passwords are reused for almost all deployments
3) It's is not possible to use already existing secrets for ONAP deployment
To fix those issues we plan:
1) Ensure that all passwords are stored in kubernetes secrets
2) Make all passwords randomly generated per deployment unless a passwords override has been provided for the deployment
3) Add ability to use external secrets instead of providing passwords override.
- clones
-
REQ-1 ONAP Requirement Template
- To Do
-
REQ-537 Long-term IPv4/IPv6 dual stack networking support
- Done
- is cloned by
-
MODELING-273 Password removal from OOM HELM charts
- Closed
- relates to
-
DCAEGEN2-1972 REQ-361: Continue hard coded password removal
- Closed
-
CCSDK-1910 Password removal from OOM Helm charts
- Closed
-
SDNC-970 Password removal from OOM Helm charts
- Closed
-
MODELING-273 Password removal from OOM HELM charts
- Closed
-
POLICY-2207 This epic covers the work to support TSC must have S3P requirements
- Closed
- mentioned in
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...