Introduction of datapolicy field tags across all components in KEP-1753


pat...@google.com

Nov 4, 2020, 8:16:33 PM
to Kubernetes developer/contributor discussion
Hello, all!

Marek (@serathius) recently opened twenty PRs adding field tags to several Kubernetes structs.
To promote visibility and to avoid rehashing similar threads across them, we thought it best to start a thread here.

Marek's PRs request tagging those fields which may hold credentials.
KEP-1753 proposed these `datapolicy` tags, with the objective of adding filtered klog methods that would redact them.
See this comment in the KEP Issue for the collected field tag PRs and their progress.

Accidental logging of credentials is a recurring concern, as evidenced in the most recent security advisory bundling four such CVEs.
As a logging enhancement, KEP-1753 is formally owned by sig-instrumentation.
However, it has been noted that such horizontal changes should be agreed upon by all component-owning SIGs.

While proposed initially in KEP-1753, these field tags are also planned to be consumed by KEP-1933.
This KEP will add taint propagation analysis to PR testing and will alert developers if they send tagged arguments to a non-filtered log call.

If there are any concerns you'd like to raise or additional clarification you would like, feel free to raise them here or on Slack.

Imagination is Change.
~Patrick Rhomberg (@PurelyApplied)
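As an added illustration (not code from the KEP, from Kubernetes or from the author of the post), the following Go program shows the pattern the thread describes: struct fields that may hold credentials carry a `datapolicy` tag, and a filtered log helper redacts them by reflection before the value reaches a log line. The `Credentials` type and the `Redact` and `FilteredLine` helpers are constructed for this example; the real klog filter API is not reproduced here.

```go
package main

import (
	"fmt"
	"reflect"
	"strings"
)

// Credentials follows the KEP-1753 pattern: fields that may carry secrets
// are marked with a `datapolicy` tag. This type is constructed for the
// example and is not a Kubernetes struct.
type Credentials struct {
	Username string
	Password string `datapolicy:"password"`
	Token    string `datapolicy:"token"`
}

// Redact returns a copy of a struct value in which every exported string
// field carrying a non-empty `datapolicy` tag is replaced by "[REDACTED]".
// Non-struct values are returned unchanged; the caller's value is not mutated.
func Redact(v interface{}) interface{} {
	rv := reflect.ValueOf(v)
	if rv.Kind() != reflect.Struct {
		return v
	}
	out := reflect.New(rv.Type()).Elem()
	out.Set(rv)
	for i := 0; i < rv.NumField(); i++ {
		if rv.Type().Field(i).Tag.Get("datapolicy") == "" {
			continue // untagged field: safe to log as-is
		}
		f := out.Field(i)
		if f.CanSet() && f.Kind() == reflect.String && f.String() != "" {
			f.SetString("[REDACTED]")
		}
	}
	return out.Interface()
}

// FilteredLine renders a log line after passing every argument through
// Redact, which is the behaviour a filtered log method is meant to provide.
func FilteredLine(msg string, args ...interface{}) string {
	parts := []string{msg}
	for _, a := range args {
		parts = append(parts, fmt.Sprintf("%+v", Redact(a)))
	}
	return strings.Join(parts, " ")
}

func main() {
	c := Credentials{Username: "alice", Password: "hunter2", Token: "tok-123"}
	fmt.Println(FilteredLine("login attempt", c))
}
```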