Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Make mask_password case insensitive, and add new patterns
It appears that Mistral service logs everything, and doesn't use yet the mask_password (nor mask_dict_password) method. In order to ensure all is properly masked, we have to add some new patterns, and make it case insensitive in order to simplify and avoid duplicated entries. Change-Id: Icc19b7c8bdb6a3182939d5e9fdef21288b19f43d Related-Bug: #1850843 Signed-off-by: Cédric Jeanneret <cjeanner@redhat.com>
- Loading branch information
Showing
3 changed files
with
64 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
8 changes: 8 additions & 0 deletions
8
releasenotes/notes/mask-password-patterns-f41524069b8ae488.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
--- | ||
security: | ||
- This patch ensures we actually mask sensitive data, even if case doesn't | ||
match the static entry we have in the patterns. | ||
- It also ensures that some fancy names with a common base, but added | ||
number are actually taken care of. | ||
fixes: | ||
- https://bugs.launchpad.net/tripleo/+bug/1850843 |