You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Our cluster's integrated with Prisma Defender, it reported that Private Key was found in keda-metrics-apiserver:2.9.2.
Cause
Found: /apiserver.local.config/certificates/apiserver.key
Expected Behavior
There's should be no private key stored inside an image.
Actual Behavior
Private key is stored in image
Steps to Reproduce the Problem
Private key was detected in /apiserver.local.config/certificates/apiserver.key
Logs from KEDA operator
N/A
KEDA Version
2.9.2
Kubernetes Version
None
Platform
Microsoft Azure
Scaler Details
No response
Anything else?
Please advise if this private key is required for the keda-metrics-apiserver to be function. If not required, we should remediate and externalize the keys from image. If required, we need some inputs to document why the key is required. Thank you.
The text was updated successfully, but these errors were encountered:
Hi,
That key isn't stored in the image, it's generated on the fly by the metrics server during the startup if you don't provide it.
How to provide your own certificate is explained here: https://keda.sh/docs/2.11/faq/
This certificate has been removed in KEDA v2.10 in favor of external certificates (managed by KEDA as minimum, using an external tool like cert-manager as recommended)
You can find how to use your own certificates in KEDA > v2.10 here and also a blog-post with an example for cert-manager here
I close this issue as solved because the file isn't used anymore, but you can reopen it if you think that there is still something that needs to be fixed 😄
Report
Our cluster's integrated with Prisma Defender, it reported that Private Key was found in keda-metrics-apiserver:2.9.2.
Cause
Found: /apiserver.local.config/certificates/apiserver.key
Expected Behavior
There's should be no private key stored inside an image.
Actual Behavior
Private key is stored in image
Steps to Reproduce the Problem
Private key was detected in /apiserver.local.config/certificates/apiserver.key
Logs from KEDA operator
N/A
KEDA Version
2.9.2
Kubernetes Version
None
Platform
Microsoft Azure
Scaler Details
No response
Anything else?
Please advise if this private key is required for the keda-metrics-apiserver to be function. If not required, we should remediate and externalize the keys from image. If required, we need some inputs to document why the key is required. Thank you.
The text was updated successfully, but these errors were encountered: