puppet-keystone

Fernet/Credential keys should be hidden in output

Bug #1979672 reported by Takashi Kajinami
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
puppet-keystone
Fix Released
High
Takashi Kajinami

Bug Description

... because these are considered as secret information.

Currently the file resources to manage these keys are missing show_diffs => false, and differences are shown when updating these files.

Takashi Kajinami (kajinamit)
Changed in puppet-keystone:
importance: Undecided → High
assignee: nobody → Takashi Kajinami (kajinamit)
status: New → Triaged
OpenStack Infra (hudson-openstack)
Changed in puppet-keystone:
status: Triaged → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to puppet-keystone (master)

Reviewed: https://review.opendev.org/c/openstack/puppet-keystone/+/847375
Committed: https://opendev.org/openstack/puppet-keystone/commit/c76bfbe41f7bdc37a50893609cd4d70a2a7e1a75
Submitter: "Zuul (22348)"
Branch: master

commit c76bfbe41f7bdc37a50893609cd4d70a2a7e1a75
Author: Takashi Kajinami <email address hidden>
Date: Fri Jun 24 01:10:52 2022 +0900

    Ensure key contents are hidden

    By default, the file resource shows differences when the file changes.
    This change disables that for the key files so that key contents are
    not displayed in output.

    Closes-Bug: #1979672
    Change-Id: Ic0398cfbb14782ce16710a838e5428be50f2a0b3

Changed in puppet-keystone:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to puppet-keystone (stable/yoga)

Fix proposed to branch: stable/yoga
Review: https://review.opendev.org/c/openstack/puppet-keystone/+/850032

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to puppet-keystone (stable/xena)

Fix proposed to branch: stable/xena
Review: https://review.opendev.org/c/openstack/puppet-keystone/+/851710

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to puppet-keystone (stable/yoga)

Reviewed: https://review.opendev.org/c/openstack/puppet-keystone/+/850032
Committed: https://opendev.org/openstack/puppet-keystone/commit/6a0ca3f0f5730aa5cca683c62117c3f1568ca535
Submitter: "Zuul (22348)"
Branch: stable/yoga

commit 6a0ca3f0f5730aa5cca683c62117c3f1568ca535
Author: Takashi Kajinami <email address hidden>
Date: Fri Jun 24 01:10:52 2022 +0900

    Ensure key contents are hidden

    By default, the file resource shows differences when the file changes.
    This change disables that for the key files so that key contents are
    not displayed in output.

    Closes-Bug: #1979672
    Change-Id: Ic0398cfbb14782ce16710a838e5428be50f2a0b3
    (cherry picked from commit c76bfbe41f7bdc37a50893609cd4d70a2a7e1a75)

tags: added: in-stable-yoga
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to puppet-keystone (stable/xena)

Reviewed: https://review.opendev.org/c/openstack/puppet-keystone/+/851710
Committed: https://opendev.org/openstack/puppet-keystone/commit/f5d1daf0b7485b11abf1f372d0d2e9f4910c777d
Submitter: "Zuul (22348)"
Branch: stable/xena

commit f5d1daf0b7485b11abf1f372d0d2e9f4910c777d
Author: Takashi Kajinami <email address hidden>
Date: Fri Jun 24 01:10:52 2022 +0900

    Ensure key contents are hidden

    By default, the file resource shows differences when the file changes.
    This change disables that for the key files so that key contents are
    not displayed in output.

    Closes-Bug: #1979672
    Change-Id: Ic0398cfbb14782ce16710a838e5428be50f2a0b3
    (cherry picked from commit c76bfbe41f7bdc37a50893609cd4d70a2a7e1a75)
    (cherry picked from commit 6a0ca3f0f5730aa5cca683c62117c3f1568ca535)

tags: added: in-stable-xena
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to puppet-keystone (stable/wallaby)

Fix proposed to branch: stable/wallaby
Review: https://review.opendev.org/c/openstack/puppet-keystone/+/851722

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to puppet-keystone (stable/wallaby)

Reviewed: https://review.opendev.org/c/openstack/puppet-keystone/+/851722
Committed: https://opendev.org/openstack/puppet-keystone/commit/bbdbd7aef35ea5477ccfe1b73c3bdeb76abe6b86
Submitter: "Zuul (22348)"
Branch: stable/wallaby

commit bbdbd7aef35ea5477ccfe1b73c3bdeb76abe6b86
Author: Takashi Kajinami <email address hidden>
Date: Fri Jun 24 01:10:52 2022 +0900

    Ensure key contents are hidden

    By default, the file resource shows differences when the file changes.
    This change disables that for the key files so that key contents are
    not displayed in output.

    Closes-Bug: #1979672
    Change-Id: Ic0398cfbb14782ce16710a838e5428be50f2a0b3
    (cherry picked from commit c76bfbe41f7bdc37a50893609cd4d70a2a7e1a75)
    (cherry picked from commit 6a0ca3f0f5730aa5cca683c62117c3f1568ca535)
    (cherry picked from commit f5d1daf0b7485b11abf1f372d0d2e9f4910c777d)

tags: added: in-stable-wallaby
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to puppet-keystone (stable/victoria)

Fix proposed to branch: stable/victoria
Review: https://review.opendev.org/c/openstack/puppet-keystone/+/852423

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to puppet-keystone (stable/ussuri)

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/c/openstack/puppet-keystone/+/852425

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to puppet-keystone (stable/train)

Fix proposed to branch: stable/train
Review: https://review.opendev.org/c/openstack/puppet-keystone/+/852426

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to puppet-keystone (stable/victoria)

Reviewed: https://review.opendev.org/c/openstack/puppet-keystone/+/852423
Committed: https://opendev.org/openstack/puppet-keystone/commit/922083e5ba8955f15ffd7450e6b843d9cd5d2f17
Submitter: "Zuul (22348)"
Branch: stable/victoria

commit 922083e5ba8955f15ffd7450e6b843d9cd5d2f17
Author: Takashi Kajinami <email address hidden>
Date: Fri Jun 24 01:10:52 2022 +0900

    Ensure key contents are hidden

    By default, the file resource shows differences when the file changes.
    This change disables that for the key files so that key contents are
    not displayed in output.

    Closes-Bug: #1979672
    Change-Id: Ic0398cfbb14782ce16710a838e5428be50f2a0b3
    (cherry picked from commit c76bfbe41f7bdc37a50893609cd4d70a2a7e1a75)
    (cherry picked from commit 6a0ca3f0f5730aa5cca683c62117c3f1568ca535)
    (cherry picked from commit f5d1daf0b7485b11abf1f372d0d2e9f4910c777d)
    (cherry picked from commit bbdbd7aef35ea5477ccfe1b73c3bdeb76abe6b86)

tags: added: in-stable-victoria
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to puppet-keystone (stable/ussuri)

Reviewed: https://review.opendev.org/c/openstack/puppet-keystone/+/852425
Committed: https://opendev.org/openstack/puppet-keystone/commit/d7d6adfd5b2148cc5b3dff3fb188b6619f0f1084
Submitter: "Zuul (22348)"
Branch: stable/ussuri

commit d7d6adfd5b2148cc5b3dff3fb188b6619f0f1084
Author: Takashi Kajinami <email address hidden>
Date: Fri Jun 24 01:10:52 2022 +0900

    Ensure key contents are hidden

    By default, the file resource shows differences when the file changes.
    This change disables that for the key files so that key contents are
    not displayed in output.

    Closes-Bug: #1979672
    Change-Id: Ic0398cfbb14782ce16710a838e5428be50f2a0b3
    (cherry picked from commit c76bfbe41f7bdc37a50893609cd4d70a2a7e1a75)
    (cherry picked from commit 6a0ca3f0f5730aa5cca683c62117c3f1568ca535)
    (cherry picked from commit f5d1daf0b7485b11abf1f372d0d2e9f4910c777d)
    (cherry picked from commit bbdbd7aef35ea5477ccfe1b73c3bdeb76abe6b86)
    (cherry picked from commit 922083e5ba8955f15ffd7450e6b843d9cd5d2f17)

tags: added: in-stable-ussuri
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to puppet-keystone (stable/train)

Reviewed: https://review.opendev.org/c/openstack/puppet-keystone/+/852426
Committed: https://opendev.org/openstack/puppet-keystone/commit/dadf3b7bfd439c1466b697c1f08cddb0de0a20e4
Submitter: "Zuul (22348)"
Branch: stable/train

commit dadf3b7bfd439c1466b697c1f08cddb0de0a20e4
Author: Takashi Kajinami <email address hidden>
Date: Fri Jun 24 01:10:52 2022 +0900

    Ensure key contents are hidden

    By default, the file resource shows differences when the file changes.
    This change disables that for the key files so that key contents are
    not displayed in output.

    Closes-Bug: #1979672
    Change-Id: Ic0398cfbb14782ce16710a838e5428be50f2a0b3
    (cherry picked from commit c76bfbe41f7bdc37a50893609cd4d70a2a7e1a75)
    (cherry picked from commit 6a0ca3f0f5730aa5cca683c62117c3f1568ca535)
    (cherry picked from commit f5d1daf0b7485b11abf1f372d0d2e9f4910c777d)
    (cherry picked from commit bbdbd7aef35ea5477ccfe1b73c3bdeb76abe6b86)
    (cherry picked from commit 922083e5ba8955f15ffd7450e6b843d9cd5d2f17)
    (cherry picked from commit d7d6adfd5b2148cc5b3dff3fb188b6619f0f1084)

tags: added: in-stable-train
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/puppet-keystone 21.0.0

This issue was fixed in the openstack/puppet-keystone 21.0.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/puppet-keystone 18.6.0

This issue was fixed in the openstack/puppet-keystone 18.6.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/puppet-keystone 19.5.0

This issue was fixed in the openstack/puppet-keystone 19.5.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/puppet-keystone 20.4.0

This issue was fixed in the openstack/puppet-keystone 20.4.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/puppet-keystone victoria-eol

This issue was fixed in the openstack/puppet-keystone victoria-eol release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/puppet-keystone ussuri-eol

This issue was fixed in the openstack/puppet-keystone ussuri-eol release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/puppet-keystone train-eol

This issue was fixed in the openstack/puppet-keystone train-eol release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.