DB username, password and DB name disclosed publicly

[Farhan-16]

Hi,

Below URL is disclosing the DB username, password and DB name,
https://github.com/TIBCOSoftware/js-docker/blob/master/kubernetes/helm/values.yaml

This doesn't seem like the best possible practice.

Thank you
Farhan Patil

[ericjohnson-tibco]

Indeed - perhaps we can comment out the username, password, and DB name, so that customers are forced to enter their own versions, rather than accidentally using the defaults that we've provided?

[sgwood63]

These sorts of values always have to be updated for the individual environment as outlined here: https://github.com/TIBCOSoftware/js-docker/tree/master/kubernetes#configure-the-jasperreports-server-service I will make these generic. This Helm chart needs to be updated for JasperReports Server 7.5 and the multiple images used for k8s. See https://github.com/TIBCOSoftware/js-docker/tree/master/kubernetes

…

On Fri, Apr 3, 2020 at 8:50 AM Eric Johnson ***@***.***> wrote: Indeed - perhaps we can comment out the username, password, and DB name, so that customers are forced to enter their own versions, rather than accidentally using the defaults that we've provided? — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#33 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ADCUC6AECXFNOPNS5LH4PKLRKYAT3ANCNFSM4L3NCCYQ> .

-- Sherman Wood Principal Architect, Engineering *TIBCO Jaspersoft* | M +1 415 516-4894 <%2B1%20518%20322%201486> | E swood@tibco.com | www.jaspersoft.com | community.jaspersoft.com | tibco.com <http://www.tibco.com>

[ysavoche]

this issue is resolved in the v8.0.0 release