Sahara

GET /jobs/{id} returns credentials

Bug #1272452 reported by Matthew Farrellee on 2014-01-24

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Sahara	Fix Released	High	Trevor McKay	Sahara 2014.1 "icehouse"

Bug Description

similar to https://bugs.launchpad.net/savanna/+bug/1272322

the credentials used to access the job data are readily available in the representation of the job transmitted from the service

NOTE - the python-savannaclient filters out the credentials before displaying them, that code can be removed when this is fixed.

Revision history for this message

Andrew Lazarev (alazarev) wrote on 2014-01-24:

>NOTE - the python-savannaclient filters out the credentials before displaying them, that code can be removed when this is fixed.

I think that code can be removed even before this is fixed. Client can always request job binaries via REST. Having code preventing that in client is strange.

Sergey Lukjanov (slukjanov) on 2014-02-24

Changed in savanna:
assignee:	nobody → Trevor McKay (tmckay)
milestone:	none → icehouse-3
importance:	Undecided → Medium
status:	New → Confirmed

Sergey Lukjanov (slukjanov) on 2014-03-01

Changed in savanna:
milestone:	icehouse-3 → icehouse-rc1

Sergey Lukjanov (slukjanov) on 2014-03-04

Changed in savanna:
importance:	Medium → High

Sergey Lukjanov (slukjanov) on 2014-03-25

Changed in sahara:
status:	Confirmed → Triaged

Trevor McKay (tmckay) on 2014-03-25

Changed in sahara:
status:	Triaged → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-03-25: Fix proposed to sahara (master)

Fix proposed to branch: master
Review: https://review.openstack.org/82863

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-03-29: Fix merged to sahara (master)

Reviewed: https://review.openstack.org/82863
Committed: https://git.openstack.org/cgit/openstack/sahara/commit/?id=4da5dbf735165bc568c7e6b2b54de61cd250c03e
Submitter: Jenkins
Branch: master

commit 4da5dbf735165bc568c7e6b2b54de61cd250c03e
Author: Trevor McKay <email address hidden>
Date: Tue Mar 25 12:35:40 2014 -0400

Filter credentials in jobs returned from REST api

    The 'mains' and 'libs' elements of a Job contain references
    to JobBinary objects, which can contain credentials in the
    'extra' field. Filter 'extra' from 'mains' and 'libs' when
    returning a wrapped Job object.

Closes-Bug: #1272452
Change-Id: Ieccadbbda1f081595374469cb938b7bffbc08e17

Changed in sahara:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2014-04-04

Changed in sahara:
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2014-04-17

Changed in sahara:
milestone:	icehouse-rc1 → 2014.1

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.