openstack/glance
Code Issues Proposed changes

Merge "s3: Do not log access keys"

Browse Source
This commit is contained in:
Zuul
2025-11-14 16:43:37 +00:00
committed by Gerrit Code Review
parent ad612406e7 81a838cc24
commit 01528c9bf2
2 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
glance/common/store_utils.py
View File

@@ -301,8 +301,8 @@ def _update_s3_location_and_store_id(context, loc):
location_map = store_api.location.SCHEME_TO_CLS_BACKEND_MAP
if scheme not in location_map:
LOG.debug("Unknown scheme '%(scheme)s' found in uri '%(uri)s'",
{'scheme': scheme, 'uri': uri})
LOG.debug("Unknown scheme '%(scheme)s' found in uri",
{'scheme': scheme})
return False
# URL format: s3://key:secret@host/bucket/object

5
glance/tests/unit/common/test_utils.py
View File

@@ -1208,9 +1208,10 @@ class S3CredentialUpdateTestCase(test_utils.BaseTestCase):
# URL should remain unchanged
self.assertEqual(location['url'], original_url)
# Verify that the debug log was called for unknown scheme
# Note: URI is not logged for S3 schemes to avoid credential exposure
mock_log.debug.assert_called_once_with(
"Unknown scheme '%(scheme)s' found in uri '%(uri)s'",
{'scheme': 's3', 'uri': 's3://key:secret@bucket/object'})
"Unknown scheme '%(scheme)s' found in uri",
{'scheme': 's3'})
@mock.patch('glance.common.store_utils.store_api')
@mock.patch('glance.common.store_utils.CONF')