Kayobe output can leak sensitive information
Bug #2087938 reported by
Pierre Riteau
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kayobe |
New
|
Undecided
|
Unassigned | ||
Antelope |
New
|
Undecided
|
Unassigned | ||
Bobcat |
New
|
Undecided
|
Unassigned | ||
Caracal |
New
|
Undecided
|
Unassigned | ||
Dalmatian |
New
|
Undecided
|
Unassigned |
Bug Description
Due to the way Ansible is used by Kayobe, sensitive information such as credentials can sometimes be included in the Kayobe output, either during successful operation or when handling failed tasks.
This is generally not a problem for operators using Kayobe directly, but could be an issue if Kayobe access is granted to less trusted users through CI/CD for example.
To post a comment you must log in.
Reviewed: https:/ /review. opendev. org/c/openstack /kayobe/ +/933761 /opendev. org/openstack/ kayobe/ commit/ a36bb614c092c14 7da11c20334dff6 839d3c29b2
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit a36bb614c092c14 7da11c20334dff6 839d3c29b2
Author: Jake Hutchinson <email address hidden>
Date: Wed Oct 30 16:34:29 2024 +0000
Add loop control to custom DNF repos
This avoids leaking repository credentials by suppressing the dict
output to only print the key.
Change-Id: Ic7aa0e4c4f6259 08aeb30de65edac 8bce96af761
Related-Bug: #2087938