Kubernetes Docker Secret
Description
General
- Documentation: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry
- Summary: Kubernetes is a system for automating deployment, scaling and management of containerized applications. It can be used to pull images from a private Docker registry. This detector aims at catching Docker registry credentials stored as secrets of type
kubernetes.io/dockerconfigjsoninside Kubernetes. - IPs allowlist: This feature is not available.
- Scopes: Scope support depends on the private registry provider.
Revoke the secret
Revocation procedure depends on the private registry provider.
Check for suspicious activity
Activity tracking depends on the private registry provider.
Details for Kubernetes docker secret
Family: Api
Category: Package registry
Company: Docker
High recall: False
Validity check available: False
Minimum number of matches: 1
Occurrences found for one million commits: 3.05
Prefixed: False
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- kubernetes\.io/dockerconfigjson
- type: ContentWhitelistPreValidator
patterns:
- \.dockerconfigjson
Examples
- text: |
apiVersion: v1
kind: Secret
metadata:
name: regcred
data:
# Credentials for GitLab Docker registry
.dockerconfigjson: eyJhdXRocyI6eyJyZWdpc3RyeS5naXRsYWIuY29tIjp7InVzZXJuYW1lIjoiazhzIiwicGFzc3dvcmQiOiJnbHBhdC1UWXpTX0RRa3FnWDRGNHU4c3pVZSIsImF1dGgiOiJhemh6T21kc2NHRjBMVlJaZWxOZlJGRnJjV2RZTkVZMGRUaHplbFZsIn19fQo=
type: kubernetes.io/dockerconfigjson
token: eyJhdXRocyI6eyJyZWdpc3RyeS5naXRsYWIuY29tIjp7InVzZXJuYW1lIjoiazhzIiwicGFzc3dvcmQiOiJnbHBhdC1UWXpTX0RRa3FnWDRGNHU4c3pVZSIsImF1dGgiOiJhemh6T21kc2NHRjBMVlJaZWxOZlJGRnJjV2RZTkVZMGRUaHplbFZsIn19fQo=
