From ba9dad39f2d3ead1dde6dd554fe6ec9b3f906153 Mon Sep 17 00:00:00 2001 From: Dalia Khater Date: Mon, 29 Jun 2026 11:44:17 -0500 Subject: [PATCH] Remove verbose ControllerConfig logging from bootstrap MCS The bootstrap MCS was logging the entire ControllerConfig YAML which contains sensitive data (internalRegistryPullSecret). This causes LeakTK to redact CI artifacts, preventing bootstrap failure debugging. The file read is already logged on line 116, which is sufficient. --- pkg/server/bootstrap_server.go | 1 - 1 file changed, 1 deletion(-) diff --git a/pkg/server/bootstrap_server.go b/pkg/server/bootstrap_server.go index d8b8cf3d30..ef4f495939 100644 --- a/pkg/server/bootstrap_server.go +++ b/pkg/server/bootstrap_server.go @@ -123,7 +123,6 @@ func (bsc *bootstrapServer) GetConfig(cr poolRequest) (*runtime.RawExtension, er klog.Errorf("could not read file: %s", fileName) return nil, fmt.Errorf("server: could not read file %s, err: %w", fileName, err) } - klog.Infof("got controllerConfig: %s", string(data)) cc := new(mcfgv1.ControllerConfig) err = yaml.Unmarshal(data, cc)