Reviewed: https://review.openstack.org/179857 Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=63aa353c676a094fbf02e799115a884c70a48002 Submitter: Jenkins Branch: master commit 63aa353c676a094fbf02e799115a884c70a48002 Author: Joe Gordon <joe.gordon0 at gmail.com> Date: Mon May 4 11:19:33 2015 -0700 Mark ironic credential config as secret Mark ironic credentials as secret so we don't log the values. Detected with bandit while testing out: I3026b81317f0a6322acfc94784899a7453af586f Change-Id: Icfd13b3294a9fa0881a5ab01f50864ebcbce393e Closes-Bug: #1451931 ** Changed in: nova Status: In Progress => Fix Committed -- You received this bug notification because you are a member of OpenStack Security, which is subscribed to OpenStack. https://bugs.launchpad.net/bugs/1451931 Title: ironic password config not marked as secret Status in OpenStack Compute (Nova): Fix Committed Status in OpenStack Security Advisories: Won't Fix Status in OpenStack Security Notes: New Bug description: The ironic config option for the password and auth token are not marked as secret so the values will get logged during startup in debug mode. To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1451931/+subscriptions