[Openstack-security] [openstack/glance] SecurityImpact review request change I0196a6f327c0147f897ae051ee60a8cb11b8fd40
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Tue Mar 10 13:22:34 UTC 2015
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/159129
Log:
commit 99a4b08f790ae8230cdbdd9e35459dd5af4b6325
Author: Flavio Percoco <flaper87 at gmail.com>
Date: Wed Feb 25 14:50:06 2015 +0100
Basic support for image conversion
This patch adds a task for image conversion. It uses `qemu-img` to
convert images. This tool has support for several image formats.
The current implementation converts images if and only if the operator
has configured glance to do so. That is, the `convert_to_format` option
has been set.
There are few things about this patch that should be improved by
follow-up patches. The first one is the fact that it relies on the
entry_points order for task execution. Although this works, it is not
the most flexible/controllable way to do it. The second thing is that it
relies on the aforementioned configuration option to enable/disable the
task (as in, it becomes a non-op). There should be an explicit way to
enable/disable tasks.
Since both things mentioned in the previous paragraph affect the task
management in general, I've decided to let the fix for a follow-up
patch.
DocImpact
SecurityImpact
Partially-implements blueprint: new-upload-workflow
Partially-implements blueprint: basic-import-conversion
Change-Id: I0196a6f327c0147f897ae051ee60a8cb11b8fd40
More information about the Openstack-security
mailing list