Bug 1451046

Summary: Queued item containing secrets is being dumped in plain-text in evm.log
Product: Red Hat CloudForms Management Engine Reporter: Satoe Imaishi <simaishi>
Component: ProvidersAssignee: James Wong <jwong>
Status: CLOSED ERRATA QA Contact: Pavol Kotvan <pakotvan>
Severity: high Docs Contact:
Priority: unspecified    
Version: 5.8.0CC: cpelland, jfrey, jhardy, obarenbo, simaishi
Target Milestone: GA   
Target Release: 5.8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 5.8.0.15 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1450183 Environment:
Last Closed: 2017-05-31 15:12:44 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: CFME Core Target Upstream Version:
Embargoed:
Bug Depends On: 1450183    
Bug Blocks:    

Comment 2 CFME Bot 2017-05-15 16:01:08 UTC 
New commit detected on ManageIQ/manageiq/fine:
https://github.com/ManageIQ/manageiq/commit/2d84cdb4a1783367da737f66f420cbd783825508

commit 2d84cdb4a1783367da737f66f420cbd783825508
Author:     Greg Blomquist <blomquisg>
AuthorDate: Mon May 15 11:42:37 2017 -0400
Commit:     Satoe Imaishi <simaishi>
CommitDate: Mon May 15 11:59:35 2017 -0400

    Merge pull request #15084 from jameswnl/encrypt
    
    Encrypt secrets before enqueue Tower CU operations
    (cherry picked from commit 601f965e89cdef4c46fdcb0db1827f709002ddb7)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1451046

 .../ansible_tower/shared/automation_manager/credential.rb      |  8 +++++---
 .../ansible_tower/shared/automation_manager/tower_api.rb       |  8 ++++++--
 lib/vmdb/settings/walker.rb                                    |  2 +-
 spec/support/ansible_shared/automation_manager/credential.rb   | 10 ++++++++--
 4 files changed, 20 insertions(+), 8 deletions(-)
Comment 5 errata-xmlrpc 2017-05-31 15:12:44 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:1367