openstack/heat
Code Issues Proposed changes

Set auth_encryption_key option to be secret

Browse Source 
To avoid exposure in the logs, auth_encryption_key from heat.conf
should be marked secret.

Change-Id: Ia4aca067f03317dd8073988cd29d26c2ccc88778
Closes-Bug: #1446408
This commit is contained in:
Eric Brown
2015-04-20 15:44:37 -07:00
parent d9f19effc4
commit 369789f69c
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
heat/common/crypt.py
View File

@@ -22,10 +22,11 @@ from heat.openstack.common.crypto import utils
auth_opts = [ auth_opts = [
cfg.StrOpt('auth_encryption_key', cfg.StrOpt('auth_encryption_key',
secret=True,
default='notgood but just long enough i t', default='notgood but just long enough i t',
help=_('Encryption key used for authentication ' help=_('Key used to encrypt authentication info in the '
'info in database. Length of this key ' 'database. Length of this key must be 16, 24 or 32 '
'must be 16, 24 or 32')) 'characters.'))
] ]
cfg.CONF.register_opts(auth_opts) cfg.CONF.register_opts(auth_opts)