s3_access_key_id should be secret
The [storage] s3_access_key_id parameter is defined with the secret flag, and its value should not be exposed. Change-Id: I87fe4a3854e1f8c96041e665af16c677f14807c6
This commit is contained in:
parent
d4416af168
commit
a84c8fa43f
|
@ -58,7 +58,7 @@ class gnocchi::storage::s3(
|
|||
'storage/driver': value => 's3';
|
||||
'storage/s3_endpoint_url': value => $s3_endpoint_url;
|
||||
'storage/s3_region_name': value => $s3_region_name;
|
||||
'storage/s3_access_key_id': value => $s3_access_key_id;
|
||||
'storage/s3_access_key_id': value => $s3_access_key_id, secret => true;
|
||||
'storage/s3_secret_access_key': value => $s3_secret_access_key, secret => true;
|
||||
'storage/s3_bucket_prefix': value => $s3_bucket_prefix;
|
||||
}
|
||||
|
|
|
@ -21,7 +21,7 @@ describe 'gnocchi::storage::s3' do
|
|||
is_expected.to contain_gnocchi_config('storage/driver').with_value('s3')
|
||||
is_expected.to contain_gnocchi_config('storage/s3_endpoint_url').with_value('https://s3-eu-west-1.amazonaws.com')
|
||||
is_expected.to contain_gnocchi_config('storage/s3_region_name').with_value('eu-west-1')
|
||||
is_expected.to contain_gnocchi_config('storage/s3_access_key_id').with_value('xyz')
|
||||
is_expected.to contain_gnocchi_config('storage/s3_access_key_id').with_value('xyz').with_secret(true)
|
||||
is_expected.to contain_gnocchi_config('storage/s3_secret_access_key').with_value('secret-xyz').with_secret(true)
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue