Update show_multiple_locations deprecation note
Update logged text to indicate our intentions with respect to the show_multiple_locations configuration option, which has been deprecated since Newton and advertised as subject to removal in Pike. Also correct the misleading impression in the deprecation notice and earlier release notes that functionality that requires show_multiple_locations = True can be configured via policies at the current time. Also adds a release note to this effect. Change-Id: I5bf0c8af9dfe87e0d17f7a16d4676f387b4379f6 Closes-bug: #1808375
This commit is contained in:
parent
8d1beed2a8
commit
de72ac4a01
@ -405,14 +405,26 @@ Related options:
|
||||
""")),
|
||||
# NOTE(flaper87): The policy.json file should be updated and the locaiton
|
||||
# related rules set to admin only once this option is finally removed.
|
||||
# NOTE(rosmaita): Unfortunately, this option is used to gate some code
|
||||
# paths; if the location related policies are set admin-only, then no
|
||||
# normal users can save or retrieve image data.
|
||||
cfg.BoolOpt('show_multiple_locations', default=False,
|
||||
deprecated_for_removal=True,
|
||||
deprecated_reason=_('This option will be removed in the Pike '
|
||||
'release or later because the same '
|
||||
'functionality can be achieved with '
|
||||
'greater granularity by using policies. '
|
||||
'Please see the Newton '
|
||||
'release notes for more information.'),
|
||||
deprecated_reason=_('Use of this option, deprecated since '
|
||||
'Newton, is a security risk and will be '
|
||||
'removed once we figure out a way to '
|
||||
'satisfy those use cases that currently '
|
||||
'require it. An earlier announcement '
|
||||
'that the same functionality can be '
|
||||
'achieved with greater granularity by '
|
||||
'using policies is incorrect. You cannot '
|
||||
'work around this option via policy '
|
||||
'configuration at the present time, '
|
||||
'though that is the direction we believe '
|
||||
'the fix will take. Please keep an eye '
|
||||
'on the Glance release notes to stay up '
|
||||
'to date on progress in addressing this '
|
||||
'issue.'),
|
||||
deprecated_since='Newton',
|
||||
help=_("""
|
||||
Show all image locations when returning an image.
|
||||
@ -429,6 +441,8 @@ NOTES:
|
||||
image locations can sometimes include credentials. Hence, this
|
||||
is set to ``False`` by default. Set this to ``True`` with
|
||||
EXTREME CAUTION and ONLY IF you know what you are doing!
|
||||
* See https://wiki.openstack.org/wiki/OSSN/OSSN-0065 for more
|
||||
information.
|
||||
* If an operator wishes to avoid showing any image location(s)
|
||||
to the user, then both this option and
|
||||
``show_image_direct_url`` MUST be set to ``False``.
|
||||
|
@ -0,0 +1,23 @@
|
||||
---
|
||||
upgrade:
|
||||
- |
|
||||
The ``show_multiple_locations`` configuration option remains deprecated in
|
||||
this release, but it has not been removed. (It had been scheduled for
|
||||
removal in the Pike release.) Please keep a watch on the Glance release
|
||||
notes and the glance-specs repository to stay informed about developments
|
||||
on this issue.
|
||||
|
||||
The plan is to eliminate the option and use only policies to control image
|
||||
locations access. This, however, requires some major refactoring. See the
|
||||
`draft Policy Refactor spec <https://review.openstack.org/#/c/528021/>`_
|
||||
for more information.
|
||||
|
||||
There is no projected timeline for this change, as no one has been able to
|
||||
commit time to it. The Glance team would be happy to discuss this more
|
||||
with anyone interested in working on it.
|
||||
|
||||
The workaround is to continue to use the ``show_multiple_locations`` option
|
||||
in a dedicated "internal" Glance node that is not accessible to end users.
|
||||
We continue to recommend that image locations not be exposed to end users.
|
||||
See `OSSN-0065 <https://wiki.openstack.org/wiki/OSSN/OSSN-0065>`_ for more
|
||||
information.
|
Loading…
Reference in New Issue
Block a user