[release-4.1] Bug 1734621: resourceapply: don't log secret data

[openshift-cherrypick-robot]

This is an automated cherry-pick of #472

/assign enj

[openshift-ci-robot]

@openshift-cherrypick-robot: No Bugzilla bug is referenced in the title of this pull request.
To reference a bug, add 'Bug XXX:' to the title of this pull request and request another bug refresh with /bugzilla refresh.

Details

In response to this:

[release-4.1] resourceapply: don't log secret data

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[sttts]

/approve
/lgtm

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: openshift-cherrypick-robot, sttts

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [sttts]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[enj]

/retitle "[release-4.1] Bug 1734621: resourceapply: don't log secret data"

[openshift-ci-robot]

@openshift-cherrypick-robot: This pull request references a valid Bugzilla bug. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

"[release-4.1] Bug 1734621: resourceapply: don't log secret data"

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[enj]

/retitle [release-4.1] Bug 1734621: resourceapply: don't log secret data

[sttts]

@jwforres do we really need a cherry-pick approved label for library changes? This one blocks us opening those other 15 PRs to fix the actually CVE problem.

[jwforres]

I asked @enj to get everything into 4.2, and get it all validated, before we pick anything back to 4.1

What we are trying to avoid is picking something back into library.go in 4.1, someone else picking up the change unintentionally as part of some other bug fix, and then realizing there was a bug in the library.go changes.

[mfojtik]

@jwforres since #472 merged 9 days ago and had enough time to soak in all components that use this, I think it is safe to merge this.

There is CVE attached to this bug and we don't want to delay the z-stream rollout.

[openshift-ci-robot]

@openshift-cherrypick-robot: All pull requests linked via external trackers have merged. The Bugzilla bug has been moved to the MODIFIED state.

Details

In response to this:

[release-4.1] Bug 1734621: resourceapply: don't log secret data

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.