f601cfccf1
In the bug, a user tried setting a devstack password with a "@" in it. As it turns out, sqlalchmey turns the connection-string into a sqlalchemy.engine.url.URL object [1] which returns a RFC1738 quoted string. However, alembic's set_main_option [2] uses python string-interpolation which interprets '%' characters. This means you end up with an interpolation traceback when using any quoted character (':@/') in a user/password (more likely password). Avoid this by ensuring the URL is safe for python interpolation in set_main_option by replacing '%' -> '%%'. I convinced myself this is safe because sqlalchemy correctly parses the quoted and unquoted versions just the same --- >>> str(sqlalchemy.engine.url.make_url('mysql+pymysql://foo:crazy:@/pw@/moo')) 'mysql+pymysql://foo:crazy%3A%40%2Fpw@/moo' >>> str(sqlalchemy.engine.url.make_url('mysql+pymysql://foo:crazy%3A%40%2Fpw@/moo')) 'mysql+pymysql://foo:crazy%3A%40%2Fpw@/moo' --- A test is added [1] https://github.com/zzzeek/sqlalchemy/blob/master/lib/sqlalchemy/engine/url.py [2] http://alembic.zzzcomputing.com/en/latest/api/config.html#alembic.config.Config.set_main_option Change-Id: I3ef7e3e539e35ce040573f2044ab6eb3c990200a Closes-Bug: #1695299 |
||
---|---|---|
api-ref/source | ||
doc | ||
etc | ||
glance | ||
httpd | ||
playbooks/legacy/glance-dsvm-grenade-multinode | ||
rally-jobs | ||
releasenotes | ||
tools | ||
.coveragerc | ||
.gitignore | ||
.gitreview | ||
.mailmap | ||
.stestr.conf | ||
.zuul.yaml | ||
CONTRIBUTING.rst | ||
HACKING.rst | ||
LICENSE | ||
README.rst | ||
babel.cfg | ||
bandit.yaml | ||
bindep.txt | ||
broken-functional-py35-ssl-tests.txt | ||
lower-constraints.txt | ||
pylintrc | ||
requirements.txt | ||
setup.cfg | ||
setup.py | ||
test-requirements.txt | ||
tox.ini |
README.rst
Team and repository tags
Glance
Glance is a project that provides services and associated libraries to store, browse, share, distribute and manage bootable disk images, other data closely associated with initializing compute resources, and metadata definitions.
Use the following resources to learn more:
API
To learn how to use Glance's API, consult the documentation available online at:
Developers
For information on how to contribute to Glance, please see the contents of the CONTRIBUTING.rst in this repository.
Any new code must follow the development guidelines detailed in the HACKING.rst file, and pass all unit tests.
Further developer focused documentation is available at:
Operators
To learn how to deploy and configure OpenStack Glance, consult the documentation available online at:
In the unfortunate event that bugs are discovered, they should be reported to the appropriate bug tracker. You can raise bugs here:
Other Information
During each design summit, we agree on what the whole community wants to focus on for the upcoming release. You can see image service plans:
For more information about the Glance project please see: