From d6e531af4821c8466b1e9404f12f89f6216417f2 Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Sun, 21 Jan 2024 02:09:05 +0900 Subject: [PATCH] s3: Do not log access keys The previous attempt a5ba027922ba1230b4ae9abb810f36427be6354a was incomplete and there are still a few more logs where access keys are logged. This fixes these to avoid leaking access keys to log. Related-Bug: #2047688 Change-Id: I8dc564bed33d6fc71965f4f573ae9109b410b1d4 --- glance_store/_drivers/s3.py | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/glance_store/_drivers/s3.py b/glance_store/_drivers/s3.py index a75e16bb..8aff8f11 100644 --- a/glance_store/_drivers/s3.py +++ b/glance_store/_drivers/s3.py @@ -539,10 +539,8 @@ class Store(glance_store.driver.Store): key = s3_client.get_object(Bucket=bucket, Key=key) LOG.debug("Retrieved image object from S3 using s3_host=%(s3_host)s, " - "access_key=%(accesskey)s, bucket=%(bucket)s, " - "key=%(key)s)", - {'s3_host': loc.s3serviceurl, 'accesskey': loc.accesskey, - 'bucket': bucket, 'key': key}) + "bucket=%(bucket)s key=%(key)s)", + {'s3_host': loc.s3serviceurl, 'bucket': bucket, 'key': key}) cs = self.READ_CHUNKSIZE @@ -828,9 +826,8 @@ class Store(glance_store.driver.Store): raise exceptions.NotFound(image=key) LOG.debug("Deleting image object from S3 using s3_host=%(s3_host)s, " - "accesskey=%(accesskey)s, bucket=%(bucket)s, key=%(key)s)", - {'s3_host': loc.s3serviceurl, 'accesskey': loc.accesskey, - 'bucket': bucket, 'key': key}) + "bucket=%(bucket)s, key=%(key)s)", + {'s3_host': loc.s3serviceurl, 'bucket': bucket, 'key': key}) return s3_client.delete_object(Bucket=bucket, Key=key)