Fix LP bug #1044462 cfg items need secret=True

Redact sensitive log information such as sql_connection metadata_encryption_key admin_password admin_user admin_tenant when cfg item summaries are printed in logs Change-Id: I74cfeae4b8bdbd405fbc4baca763a62f4470b154
2012-08-31 16:10:45 +00:00 · 2012-08-31 16:10:45 +00:00 · c4f7816320
parent 3be563029a
commit c4f7816320
2 changed files with 5 additions and 4 deletions
--- a/glance/db/init.py
+++ b/glance/db/init.py
@ -22,6 +22,7 @@ from glance.openstack.common import importutils

 sql_connection_opt = cfg.StrOpt('sql_connection',
                                default='sqlite:///glance.sqlite',
+                                secret=True,
                                metavar='CONNECTION',
                                help='A valid SQLAlchemy connection '
                                     'string for the registry database. '
--- a/glance/registry/init.py
+++ b/glance/registry/init.py
@ -37,12 +37,12 @@ registry_client_opts = [
    cfg.StrOpt('registry_client_key_file'),
    cfg.StrOpt('registry_client_cert_file'),
    cfg.StrOpt('registry_client_ca_file'),
-    cfg.StrOpt('metadata_encryption_key'),
+    cfg.StrOpt('metadata_encryption_key', secret=True),
    ]
 registry_client_ctx_opts = [
-    cfg.StrOpt('admin_user'),
-    cfg.StrOpt('admin_password'),
-    cfg.StrOpt('admin_tenant_name'),
+    cfg.StrOpt('admin_user', secret=True),
+    cfg.StrOpt('admin_password', secret=True),
+    cfg.StrOpt('admin_tenant_name', secret=True),
    cfg.StrOpt('auth_url'),
    cfg.StrOpt('auth_strategy', default='noauth'),
    cfg.StrOpt('auth_region'),