c7243f1747
get_one_cloud() and get_one_cloud_osc() iterate over config
values and try to expand any variables in those values by
calling value.format(), however some config values
(e.g. password) should never have format() applied to them, not
only might that change the password but it will also cause the
format() function to raise an exception if it can not parse the
format string. Examples would be single brace (e.g. 'foo{')
which raises an ValueError because it's looking for a matching
end brace or a brace pair with a key value that cannot be found
(e.g. 'foo{bar}') which raises a KeyError.
It is not reasonsable to try to escape any braces because:
1) Escaping all braces breaks valid use of the format string syntax.
2) Trying to determine exactly which braces should be escaped and
which should be preserved is a daunting task and likely would not be
robust.
3) Some strings might look like valid format syntax but still should
be escaped (e.g. "foo{bar}", if this appeared in a password we
wouldn't escape it and there would be a key error on the 'bar' key.
4) In general passwords should never be modified, you never want to
apply formatting to them.
The right approach is to maintain a list of config values which are
excluded from having formatting applied to them. At the moment that
list just includes 'password' but perhaps down the road other
exceptions might crop up. This patch follows this approach,
the list of excluded values can easily be updated if others are
discovered.
Change-Id: I187bdec582d4c2cc6c7fda47a1538194137c616b
Closes-Bug: 1635696
Signed-off-by: John Dennis <jdennis@redhat.com>
|
||
|---|---|---|
| .. | ||
| tests | ||
| vendors | ||
| __init__.py | ||
| _log.py | ||
| cloud_config.py | ||
| config.py | ||
| constructors.json | ||
| constructors.py | ||
| defaults.json | ||
| defaults.py | ||
| exceptions.py | ||
| schema.json | ||
| vendor-schema.json | ||