Swift backend: the key parameter should be secret
The key parameter of swift backend is used to define a credentail to
access Swift so should be hidden in logs.
In Glance the user parameter(swift_store_user) is also defined as
a secret parameter. However it defines user name or id and user name
or id is not currently treated as secret in puppet, so this change
doesn't cover the user parameter.
Change-Id: Iac580df4de14ffdb19436417b2830a834efd087d
(cherry picked from commit 4a48192988
)
This commit is contained in:
parent
6db9beca3f
commit
048e9b458b
|
@ -141,7 +141,7 @@ define glance::backend::multistore::swift(
|
|||
|
||||
glance_swift_config {
|
||||
"${default_swift_reference}/user": value => $swift_store_user;
|
||||
"${default_swift_reference}/key": value => $swift_store_key;
|
||||
"${default_swift_reference}/key": value => $swift_store_key, secret => true;
|
||||
"${default_swift_reference}/auth_address": value => $swift_store_auth_address;
|
||||
"${default_swift_reference}/auth_version": value => $swift_store_auth_version;
|
||||
"${default_swift_reference}/user_domain_id": value => $swift_store_auth_user_domain_id;
|
||||
|
|
|
@ -51,7 +51,7 @@ describe 'glance::backend::multistore::swift' do
|
|||
is_expected.to contain_glance_api_config('swift/default_swift_reference').with_value('ref1')
|
||||
is_expected.to contain_glance_api_config('swift/swift_buffer_on_upload').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_glance_api_config('swift/swift_upload_buffer_dir').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_glance_swift_config('ref1/key').with_value('key')
|
||||
is_expected.to contain_glance_swift_config('ref1/key').with_value('key').with_secret(true)
|
||||
is_expected.to contain_glance_swift_config('ref1/user').with_value('user')
|
||||
is_expected.to contain_glance_swift_config('ref1/auth_version').with_value('2')
|
||||
is_expected.to contain_glance_swift_config('ref1/auth_address').with_value('http://127.0.0.1:5000/v3/')
|
||||
|
@ -97,7 +97,7 @@ describe 'glance::backend::multistore::swift' do
|
|||
is_expected.to contain_glance_api_config('swift/default_swift_reference').with_value('swift_creds')
|
||||
is_expected.to contain_glance_api_config('swift/swift_buffer_on_upload').with_value(true)
|
||||
is_expected.to contain_glance_api_config('swift/swift_upload_buffer_dir').with_value('/var/glance/swift')
|
||||
is_expected.to contain_glance_swift_config('swift_creds/key').with_value('key2')
|
||||
is_expected.to contain_glance_swift_config('swift_creds/key').with_value('key2').with_secret(true)
|
||||
is_expected.to contain_glance_swift_config('swift_creds/user').with_value('user2')
|
||||
is_expected.to contain_glance_swift_config('swift_creds/auth_version').with_value('1')
|
||||
is_expected.to contain_glance_swift_config('swift_creds/auth_address').with_value('127.0.0.2:8080/v1.0/')
|
||||
|
|
Loading…
Reference in New Issue