Bug 755029

Summary: aeolus-cli push displays provider account passwd
Product: [Retired] CloudForms Cloud Engine Reporter: wes hayutin <whayutin>
Component: imagefactoryAssignee: Steve Loranz <sloranz>
Status: CLOSED CURRENTRELEASE QA Contact: wes hayutin <whayutin>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 1.0.0CC: akarol, dajohnso, deltacloud-maint, dgao, mkoci, nobody, ssachdev
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-08-30 17:17:25 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description wes hayutin 2011-11-18 15:35:01 UTC 
Description of problem:

<password>MYPASSWORD!</password>\n  

2011-11-18 10:31:49,102 DEBUG paste.httpserver.ThreadPool pid(9170) Message: Added task (0 tasks queued)
2011-11-18 10:31:49,146 INFO imgfac.rest.imagefactory pid(9170) Message: Request recieved with Content-Type (application/json)
2011-11-18 10:31:49,147 DEBUG imgfac.rest.imagefactory pid(9170) Message: returning {u'build_id': u'8ab5b068-294a-4427-8e1a-1983fdddd5c3', u'image_id': u'64eff625-19c8-40d8-88d5-7ddadf52958c', u'provider': u'vsphere', u'credentials': u'<provider_account>\n  <name>vsphere_Administrator</name>\n  <provider>vsphere</provider>\n  <provider_type>vsphere</provider_type>\n  <provider_credentials>\n    <vsphere_credentials>\n      <password>R3dhat!</password>\n      <username>Administrator</username>\n    </vsphere_credentials>\n  </provider_credentials>\n</provider_account>', u'target_image_id': u'2e7b336a-f356-4f22-97ea-be35521f158d'}
2011-11-18 10:31:49,148 DEBUG imgfac.rest.imagefactory pid(9170) Message: Starting 'push' process...
2011-11-18 10:31:49,148 INFO imgfac.rest.imagefactory pid(9170) Message: Request recieved with Content-Type (application/json)
2011-11-18 10:31:49,148 DEBUG imgfac.rest.imagefactory pid(9170) Message: returning {u'build_id': u'8ab5b068-294a-4427-8e1a-1983fdddd5c3', u'image_id': u'64eff625-19c8-40d8-88d5-7ddadf52958c', u'provider': u'vsphere', u'credentials': u'<provider_account>\n  <name>vsphere_Administrator</name>\n  <provider>vsphere</provider>\n  <provider_type>vsphere</provider_type>\n  <provider_credentials>\n    <vsphere_credentials>\n      <password>MYPASSWORD!</password>\n      <username>Administrator</username>\n    </vsphere_credentials>\n  </provider_credentials>\n</provider_account>', u'target_image_id': u'2e7b336a-f356-4f22-97ea-be35521f158d'}
2011-11-18 10:31:49,149 DEBUG imgfac.ImageWarehouse.ImageWarehouse pid(9170) Message: Querying (http://localhost:9090/target_images/_query) with expression ($build == "8ab5b068-294a-4427-8e1a-1983fdddd5c3" && $target == "vsphere")
2011-11-18 10:31:49,151 DEBUG imgfac.ImageWarehouse.ImageWarehouse pid(9170) Message: Getting metadata (['template']) from http://localhost:9090/target_images/2e7b336a-f356-4f22-97ea-be35521f158d
2011-11-18 10:31:49,152 DEBUG imgfac.ImageWarehouse.ImageWarehouse pid(9170) Message: Created Image Warehouse instance http://localhost:9090 - buckets(target_images, templates, icicles, provider_images)
2011-11-18 10:31:49,155 DEBUG imgfac.ImageWarehouse.ImageWarehouse pid(9170) Message: Created Image Warehouse instance http://localhost:9090 - buckets(target_images, templates, icicles, provider_images)
2011-11-18 10:31:49,156 DEBUG imgfac.BuildJob.BuildJob pid(9170) Message: Builder (6686272b-4fb9-41d5-b1c7-25b57fd73a88) changed status from NEW to PUSHING
2011-11-18 10:31:49,157 DEBUG imgfac.BuildJob.BuildJob pid(9170) Message: Builder (6686272b-4fb9-41d5-b1c7-25b57fd73a88) changed percent complete from 0 to 0
2011-11-18 10:31:49,158 DEBUG imgfac.builders.BaseBuilder.Fedora_vsphere_Builder pid(9170) Message: Image file /home/var/lib/imagefactory/images/vmware-image-2e7b336a-f356-4f22-97ea-be35521f158d.vmdk already present - skipping warehouse download
2011-11-18 10:31:49,172 DEBUG paste.httpserver.ThreadPool pid(9170) Message: Added task (0 tasks queued)


[root@qeblade31 ~]# rpm -qa | grep factory
imagefactory-jeosconf-ec2-fedora-0.8.9-1.fc15.noarch
imagefactory-0.8.9-1.fc15.noarch
imagefactory-jeosconf-ec2-rhel-0.8.9-1.fc15.noarch
rubygem-imagefactory-console-0.5.0-4.20110824113238gitd9debef.fc15.noarch
Comment 1 wes hayutin 2011-11-28 01:24:11 UTC 
adding ce-sprint-next bugs to ce-sprint tracker for this release
Comment 2 jrd 2011-11-28 17:37:26 UTC 
Unclear to me why this is assigned to me.  aeolus-cli is Mike's group, yes?
Comment 3 wes hayutin 2011-11-28 19:59:34 UTC 
(In reply to comment #2)
> Unclear to me why this is assigned to me.  aeolus-cli is Mike's group, yes?

The above log is from /var/log/imagefactory
Comment 4 jrd 2011-11-29 21:06:48 UTC 
Ok, Ian, can you render an opinion?
Comment 5 Ian McLeod 2011-11-30 20:34:38 UTC 
This is a reintroduction of an issue we had with the QMF interface.  The generic top-level debugging output is sharing PUT parameters that contain password information.  We need to either remove these debugs or selectively REDACT as we have done elsewhere. 

Assigning to Steve as he is the REST-guy.
Comment 6 Steve Loranz 2011-11-30 20:46:05 UTC 
https://github.com/aeolusproject/imagefactory/pull/42 takes care of this.
Comment 7 wes hayutin 2012-01-03 17:41:37 UTC 
adding ce-sprint-next bugs to ce-sprint
Comment 8 Steve Loranz 2012-01-03 18:59:39 UTC 
(In reply to comment #7)
> adding ce-sprint-next bugs to ce-sprint

Has anybody been able to verify the fix from Nov 30th referenced in comment 6?
Comment 9 Martin Kočí 2012-01-04 09:57:54 UTC 
I'm going to post the result today.
Comment 10 Martin Kočí 2012-01-04 17:48:12 UTC 
Hudson test done however I'm still getting 
ERROR:   => Unknown Error after aeolus-cli build --target vsphere --template templates/bug761035.tdl;

#rpm -qa | grep 'aeolus\|imagefactory-\|oz-\|iwhd'
oz-0.7.9-4.el6.noarch
rubygem-aeolus-image-0.2.0-1.el6.noarch
aeolus-conductor-daemons-0.8.0-0.20111222233342gitd98cb57.el6.noarch
rubygem-rack-mount-0.7.1-3.aeolus.el6.noarch
rubygem-ZenTest-4.3.3-2.aeolus.el6.noarch
rubygem-aeolus-cli-0.2.0-3.el6.noarch
imagefactory-jeosconf-ec2-rhel-1.0.0rc1-1.el6.noarch
aeolus-configure-2.5.0-0.20111222173430git17b704a.20111222173430git17b704a.el6.noarch
rubygem-arel-2.0.10-0.aeolus.el6.noarch
iwhd-1.1-2.el6.x86_64
imagefactory-jeosconf-ec2-fedora-1.0.0rc1-1.el6.noarch
aeolus-conductor-0.8.0-0.20111222233342gitd98cb57.el6.noarch
aeolus-all-0.8.0-0.20111222233342gitd98cb57.el6.noarch
rubygem-imagefactory-console-0.5.0-4.20110824113238gitd9debef.el6.noarch
aeolus-conductor-doc-0.8.0-0.20111222233342gitd98cb57.el6.noarch
imagefactory-1.0.0rc1-1.el6.noarch

I will test that via imagefactory command.
Comment 11 Martin Kočí 2012-01-04 17:52:42 UTC 
But it looks there is no password information visible in the log /var/log/imagefactory.log though so far.
Comment 12 Martin Kočí 2012-01-05 11:42:58 UTC 
verified on RHEL62 and Fedora15 with package imagefactory-1.0.0rc1-1
Moving bug to VERIFIED.
Comment 13 wes hayutin 2012-01-12 16:17:00 UTC 
bugs in verified or on_qa moving off tracker