When setting up security for Flink through the Flink Properties as #309 describes, the following properties are stored in a ConfigMap and mounted into the JobManager and TaskManager containers:

security.ssl.internal.keystore: "/internal.keystore"
security.ssl.internal.truststore: "/internal.keystore"
security.ssl.internal.keystore-password: "internal_store_password"
security.ssl.internal.truststore-password: "internal_store_password"
security.ssl.internal.key-password: "internal_store_password"

These passwords are stored in the ConfigMap, and should instead be stored in a Secret.

Has this been thought about before? or something that could be planned? Thanks!