From 558bae07847e4dbeb447e07468f3338b15c84b37 Mon Sep 17 00:00:00 2001
From: Mike Jang <mi.jang@f5.com>
Date: Thu, 11 Jul 2024 10:17:54 -0700
Subject: [PATCH 1/2] Fix: include security note for JWT and password in
 history

---
 .../includes/installation/jwt-password-note.md        | 11 +++++++++++
 .../ngf-images/jwt-token-docker-secret.md             |  1 +
 2 files changed, 12 insertions(+)
 create mode 100644 site/content/includes/installation/jwt-password-note.md

diff --git a/site/content/includes/installation/jwt-password-note.md b/site/content/includes/installation/jwt-password-note.md
new file mode 100644
index 0000000000..147c67af34
--- /dev/null
+++ b/site/content/includes/installation/jwt-password-note.md
@@ -0,0 +1,11 @@
+---
+docs: 
+---
+
+{{< note >}} For security, follow these practices with JSON Web Tokens (JWTs), passwords, and shell history:
+
+1. **JWTs:** JWTs are sensitive information. Store them securely. Delete them after use to prevent unauthorized access.
+
+1. **Shell history:** Commands that include JWTs or passwords are recorded in the history of your shell, in plain text. Clear your shell history after running such commands. For example, if you use bash, you can delete commands in your `~/.bash_history` file. Alternatively, you can run the `history -c` command to erase your shell history.
+
+Follow these practices to help ensure the security of your system and data. {{< /note >}}
diff --git a/site/content/installation/ngf-images/jwt-token-docker-secret.md b/site/content/installation/ngf-images/jwt-token-docker-secret.md
index 4127f979d6..c32d708023 100644
--- a/site/content/installation/ngf-images/jwt-token-docker-secret.md
+++ b/site/content/installation/ngf-images/jwt-token-docker-secret.md
@@ -40,6 +40,7 @@ You will need the following items from [MyF5](https://my.f5.com) for these instr
     kubectl get secret nginx-plus-registry-secret --output=yaml
     ```
 
+{{< include "installation/jwt-password-note.md" >}}
 
 ## Install NGINX Gateway Fabric
 

From 0825450e64ea074c44a0688f5b7f944598e2c7f3 Mon Sep 17 00:00:00 2001
From: "pre-commit-ci[bot]"
 <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Date: Fri, 12 Jul 2024 11:02:10 +0000
Subject: [PATCH 2/2] [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci
---
 site/content/includes/installation/jwt-password-note.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/site/content/includes/installation/jwt-password-note.md b/site/content/includes/installation/jwt-password-note.md
index 147c67af34..2f12808252 100644
--- a/site/content/includes/installation/jwt-password-note.md
+++ b/site/content/includes/installation/jwt-password-note.md
@@ -1,5 +1,5 @@
 ---
-docs: 
+docs:
 ---
 
 {{< note >}} For security, follow these practices with JSON Web Tokens (JWTs), passwords, and shell history: