Hello Everyone,
Glance core team have discussed and decided during Dalmatian PTG[1] about depreciation of `metadata_encryption_key` config option. We decided to deprecate it in this cycle and remove it in `E` (2025.1) cycle[2].
Problems with `metadata_encryption_key` config option and its related functionality:
- It was added quite a long time ago and even though as per the description it should encrypt the location metadata but it actually encrypts the location url.
- It encrypts the location url only for image upload/import/download/show APIs and doesn't encrypt url on location APIs.
- If it's enabled during upgrade, it will break the existing deployment since the existing image url is not encrypted.
- It doesn't even work for location url encryption as expected since it does not encrypt the legacy images url on start up, download of that image fails with InvalidLocation error.
If there are any objections/suggestions on the above plan kindly please let us know
before the spec freeze date of glance which is July 05,2024.
If there will be no response till 5th July, we will assume that it's a go forward signal and
can merge the spec lite[2] for the same.
Thanks & Regards,
Pranali Deore