a08893dc86
When generating a random string, once we had selected from the various
required pools, we continued by selecting a pool at random and then
selecting a character from that pool at random. This did not take into
account the differing sizes of the available pools, nor the fact that the
same character could appear in multiple pools, which resulted in a
non-uniform probability distribution of characters. Since users mostly make
use of this feature to generate default passwords for services they are
deploying, this would result in the generated passwords having slightly
less entropy than expected (and pathological cases were possible).
Rectify this by always selecting non-constrained characters from a single
combined pool, and by ensuring that each character appears only once in any
pool we're selecting from.
Since we also want to use this method to generate passwords for OpenStack
Users, the new implementation is in a separate module in heat.common rather
than mixed in with the resource's logic. Also, use a StringIO object to
collect the characters rather than repeatedly appending to a string.
Change-Id: Ia7b63e72c1e3c0649290caf4fea8a32f7f89560b
Closes-Bug: #1757300
Related-Bug: #1666129
Related-Bug: #1444429
(cherry picked from commit
|
||
|---|---|---|
| api-ref/source | ||
| bin | ||
| contrib | ||
| devstack | ||
| doc | ||
| etc/heat | ||
| heat | ||
| heat_integrationtests | ||
| heat_upgradetests | ||
| playbooks/devstack | ||
| rally-scenarios | ||
| releasenotes | ||
| tools | ||
| .coveragerc | ||
| .gitignore | ||
| .gitreview | ||
| .testr.conf | ||
| .zuul.yaml | ||
| CONTRIBUTING.rst | ||
| HACKING.rst | ||
| LICENSE | ||
| README.rst | ||
| babel.cfg | ||
| config-generator.conf | ||
| install.sh | ||
| requirements.txt | ||
| setup.cfg | ||
| setup.py | ||
| test-requirements.txt | ||
| tox.ini | ||
| uninstall.sh | ||
README.rst
Team and repository tags
Heat
Heat is a service to orchestrate multiple composite cloud applications using templates, through both an OpenStack-native REST API and a CloudFormation-compatible Query API.
Why heat? It makes the clouds rise and keeps them there.
Getting Started
If you'd like to run from the master branch, you can clone the git repo:
git clone https://git.openstack.org/openstack/heat
- Wiki: http://wiki.openstack.org/Heat
- Developer docs: http://docs.openstack.org/developer/heat
- Template samples: https://git.openstack.org/cgit/openstack/heat-templates
- Agents: https://git.openstack.org/cgit/openstack/heat-agents
Python client
https://git.openstack.org/cgit/openstack/python-heatclient
References
- http://docs.amazonwebservices.com/AWSCloudFormation/latest/APIReference/API_CreateStack.html
- http://docs.amazonwebservices.com/AWSCloudFormation/latest/UserGuide/create-stack.html
- http://docs.amazonwebservices.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html
- http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=tosca
We have integration with
- https://git.openstack.org/cgit/openstack/python-novaclient (instance)
- https://git.openstack.org/cgit/openstack/python-keystoneclient (auth)
- https://git.openstack.org/cgit/openstack/python-swiftclient (s3)
- https://git.openstack.org/cgit/openstack/python-neutronclient (networking)
- https://git.openstack.org/cgit/openstack/python-ceilometerclient (metering)
- https://git.openstack.org/cgit/openstack/python-aodhclient (alarming service)
- https://git.openstack.org/cgit/openstack/python-cinderclient (storage service)
- https://git.openstack.org/cgit/openstack/python-glanceclient (image service)
- https://git.openstack.org/cgit/openstack/python-troveclient (database as a Service)
- https://git.openstack.org/cgit/openstack/python-saharaclient (hadoop cluster)
- https://git.openstack.org/cgit/openstack/python-barbicanclient (key management service)
- https://git.openstack.org/cgit/openstack/python-designateclient (DNS service)
- https://git.openstack.org/cgit/openstack/python-magnumclient (container service)
- https://git.openstack.org/cgit/openstack/python-manilaclient (shared file system service)
- https://git.openstack.org/cgit/openstack/python-mistralclient (workflow service)
- https://git.openstack.org/cgit/openstack/python-zaqarclient (messaging service)
- https://git.openstack.org/cgit/openstack/python-monascaclient (monitoring service)
- https://git.openstack.org/cgit/openstack/python-senlinclient (clustering service)