From d686c48910f0966b2d64f7055d5956c55b9501c9 Mon Sep 17 00:00:00 2001
From: Vipul Sabhaya <vipuls@gmail.com>
Date: Tue, 10 Sep 2013 18:07:31 -0700
Subject: [PATCH] Mark sensitive cfg options with secure flag

* Marks sensitive cfg options with the secure attribute
  which prevents them from being logged in the clear

fixes bug#1221902

Change-Id: I86887e58f3fc11cdbbe95d90da9458143c70ec67
(cherry picked from commit f1661b7791ee5cef346b416e8488504ae3aa86a2)
---
 trove/common/cfg.py | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/trove/common/cfg.py b/trove/common/cfg.py
index b53936d957..257a7765d1 100644
--- a/trove/common/cfg.py
+++ b/trove/common/cfg.py
@@ -29,7 +29,8 @@ path_opts = [
 common_opts = [
     cfg.StrOpt('sql_connection',
                default='sqlite:///trove_test.sqlite',
-               help='SQL Connection'),
+               help='SQL Connection',
+               secret=True),
     cfg.IntOpt('sql_idle_timeout', default=3600),
     cfg.BoolOpt('sql_query_log', default=False),
     cfg.IntOpt('bind_port', default=8779),
@@ -68,8 +69,8 @@ common_opts = [
     cfg.IntOpt('dns_account_id', default=0),
     cfg.StrOpt('dns_auth_url', default=""),
     cfg.StrOpt('dns_domain_name', default=""),
-    cfg.StrOpt('dns_username', default=""),
-    cfg.StrOpt('dns_passkey', default=""),
+    cfg.StrOpt('dns_username', default="", secret=True),
+    cfg.StrOpt('dns_passkey', default="", secret=True),
     cfg.StrOpt('dns_management_base_url', default=""),
     cfg.IntOpt('dns_ttl', default=300),
     cfg.IntOpt('dns_domain_id', default=1),
@@ -184,11 +185,11 @@ common_opts = [
     cfg.StrOpt('notification_service_id',
                help='Unique ID to tag notification events'),
     cfg.StrOpt('nova_proxy_admin_user', default='',
-               help="Admin username used to connect to Nova"),
+               help="Admin username used to connect to Nova", secret=True),
     cfg.StrOpt('nova_proxy_admin_pass', default='',
-               help="Admin password used to connect to Nova"),
+               help="Admin password used to connect to Nova", secret=True),
     cfg.StrOpt('nova_proxy_admin_tenant_name', default='',
-               help="Admin tenant used to connect to Nova"),
+               help="Admin tenant used to connect to Nova", secret=True),
     cfg.StrOpt('network_label_regex', default='^private$'),
     cfg.StrOpt('cloudinit_location', default='/etc/trove/cloudinit',
                help="Path to folder with cloudinit scripts"),