Dan Smith f45b5f024e Enforce image safety during image_conversion
This does two things:

1. It makes us check that the QCOW backing_file is unset on those
types of images. Nova and Cinder do this already to prevent an
arbitrary (and trivial to accomplish) host file exposure exploit.
2. It makes us restrict VMDK files to only allowed subtypes. These
files can name arbitrary files on disk as extents, providing the
same sort of attack. Default that list to just the types we believe
are actually useful for openstack, and which are monolithic.

The configuration option to specify allowed subtypes is added in
glance's config and not in the import options so that we can extend
this check later to image ingest. The format_inspector can tell us
what the type and subtype is, and we could reject those images early
and even in the case where image_conversion is not enabled.

Closes-Bug: #1996188
Change-Id: Idf561f6306cebf756c787d8eefdc452ce44bd5e0
(cherry picked from commit 0d6282a01691cecc2798f7858b181c4bb30f850c)
(cherry picked from commit 4967ab6935cfd0274ae801ac943d01909a236a0a)
(cherry picked from commit dc8e5a5cc7f5e9d1b697e520a7533cc90516db1b)
2022-12-19 15:35:58 +00:00
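
The two checks the commit message describes can be sketched as follows. This is an added example, not code from the Glance change: it validates the JSON printed by `qemu-img info --output=json`, and the names `check_image_safety`, `UnsafeImage`, `audit`, `ALLOWED_VMDK_SUBTYPES`, the allow-list contents and the sample metadata are assumptions constructed for illustration.

```python
import json

# Assumed allow-list for this example (monolithic subtypes only).
ALLOWED_VMDK_SUBTYPES = frozenset({"streamOptimized", "monolithicSparse"})

# Constructed samples shaped like `qemu-img info --output=json` output.
SAMPLES = {
    "plain_qcow2": '{"format": "qcow2", "virtual-size": 1073741824}',
    "backed_qcow2": '{"format": "qcow2", "backing-filename": "/placeholder/host/file"}',
    "sparse_vmdk": '{"format": "vmdk", "format-specific": {"type": "vmdk", '
                   '"data": {"create-type": "monolithicSparse"}}}',
    "flat_vmdk": '{"format": "vmdk", "format-specific": {"type": "vmdk", '
                 '"data": {"create-type": "monolithicFlat"}}}',
    "bare_vmdk": '{"format": "vmdk"}',
}

class UnsafeImage(Exception):
    """The image metadata can reference files outside the image itself."""

def check_image_safety(info_json, allowed_vmdk=ALLOWED_VMDK_SUBTYPES):
    """Return the image format, or raise UnsafeImage (fails closed)."""
    try:
        info = json.loads(info_json)
    except ValueError as exc:
        raise UnsafeImage("unparseable image metadata") from exc
    if not isinstance(info, dict) or not info.get("format"):
        raise UnsafeImage("image format could not be determined")
    # Check 1: a backing file makes the converter read another host path.
    if info.get("backing-filename") is not None:
        raise UnsafeImage("backing file is set")
    # Check 2: VMDK extents can name host files, so allow-list the subtype.
    if info["format"] == "vmdk":
        spec = info.get("format-specific")
        data = spec.get("data") if isinstance(spec, dict) else None
        subtype = data.get("create-type") if isinstance(data, dict) else None
        if not isinstance(subtype, str) or subtype not in allowed_vmdk:
            raise UnsafeImage(f"VMDK subtype {subtype!r} is not allowed")
    return info["format"]

def audit(samples=SAMPLES):
    """Map each sample name to its format, or to the rejection reason."""
    results = {}
    for name, text in samples.items():
        try:
            results[name] = check_image_safety(text)
        except UnsafeImage as exc:
            results[name] = f"rejected: {exc}"
    return results
```

A VMDK whose subtype cannot be read is rejected rather than passed through, so missing metadata never bypasses the allow-list.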

OpenStack Glance

The following tags have been asserted for the Glance project:
"project:official",
"tc:approved-release",
"stable:follows-policy",
"tc:starter-kit:compute",
"vulnerability:managed",
"assert:supports-upgrade",
"assert:follows-standard-deprecation".
Follow the link for an explanation of these tags.

Glance is an OpenStack project that provides services and associated libraries to store, browse, share, distribute and manage bootable disk images, other data closely associated with initializing compute resources, and metadata definitions.

Use the following resources to learn more:

API

To learn how to use Glance's API, consult the documentation available online at:

Developers

For information on how to contribute to Glance, please see the contents of the CONTRIBUTING.rst in this repository.

Any new code must follow the development guidelines detailed in the HACKING.rst file, and pass all unit tests.

Further developer-focused documentation is available at:

Operators

To learn how to deploy and configure OpenStack Glance, consult the documentation available online at:

In the unfortunate event that bugs are discovered, they should be reported to the appropriate bug tracker. You can raise bugs here:

Release notes

To learn more about Glance's new features, optimizations, and changes between versions, consult the release notes online at:

Other Information

During each design summit, we agree on what the whole community wants to focus on for the upcoming release. You can see image service plans:

For more information about the Glance project please see:

Description
OpenStack Image Management (Glance)