As the title suggests, I can view Kubernetes bearer tokens in the Jenkins logs (/logs/all endpoints). Isn't this a security concern? Is there a way to stop it without having to meddle with the Kubernetes plugin source code?
Edit:
Example log:
Aug 29, 2020 7:39:41 PM okhttp3.internal.platform.Platform log
INFO: Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnSee the documentation for okhttp
Warning: The logs generated by this interceptor when using the HEADERS or BODY levels have the potential to leak sensitive information such as "Authorization" or "Cookie" headers and the contents of request and response bodies. This data should only be logged in a controlled way or in a non-production environment.
So you should probably not activate that logging in an environment where you have sensitive tokens.