[Glance] Changing glance credentials lead to Openstack cloud malfunction.

Do we still support 4.1.x series?

We do - 3.2, 3.2.1, 4.0, 4.1, 4.1.1 are still receiving Limited support which cover security issues.

Moving back to 5.1.1-updates as there is still no fix to backport

Let me summarize what needs to be done in 7.0 upd and 8.0.
You can find the detailed description here: https://review.openstack.org/#/c/242583/3/doc/source/configuring.rst
We should not use swift_store_user, swift_store_key, auth_address, swift_store_auth_version config options to deploy Glance with Swift backend.
The file specified in swift_store_config_file option must be used instead of config options above. This file specifies all configuration options required for Swift (details in the link provided). In this case username and password will not be included in Swift storage link and changing username/password should be safe.

Patch in upstream: https://review.openstack.org/#/c/245876/

Patch in fuel-infra: https://review.fuel-infra.org/#/c/13957/

Both patches were merged, marked as Fix Committed for MOS 8.0

Timur, this patch (https://review.fuel-infra.org/#/c/13957/) is merged into puppet-glance, but it's not used yet in deployment, because puppet module tag is still 7.0.0-mos-rc2 which is below Denis's commit

verification on custom iso:

  feature_groups:
    - mirantis
  production: "docker"
  release: "8.0"
  openstack_version: "2015.1.0-8.0"
  api: "1.0"
  build_number: "1057"
  build_id: "2015-12-09_11-52-12"
  fuel-nailgun_sha: "5fe407228f7fc2d538a26cf225d01ec255f30dc9"
  python-fuelclient_sha: "19b89d9109d7ddffdc0eb4c4c0979485f3ca2146"
  fuel-agent_sha: "6356e90686efcc0f5aa1c6bfc108688975ce9650"
  fuel-nailgun-agent_sha: "a33a58d378c117c0f509b0e7badc6f0910364154"
  astute_sha: "48fd58676debcc85951db68df6d77c22daa55e52"
  fuel-library_sha: "296d04f871706a6a96461bd401fd6a9ad369acf7"
  fuel-ostf_sha: "23b7ae2a1a57de5a3e1861ffb7805394ca339cc2"
  fuel-mirror_sha: "c66309976db831a4081e5e0064028d7c67014b2f"
  fuelmenu_sha: "761685b566af981479e7e0f3c3a5eede5a40400d"
  shotgun_sha: "a0bd06508067935f2ae9be2523ed0d1717b995ce"
  network-checker_sha: "a3534f8885246afb15609c54f91d3b23d599a5b1"
  fuel-upgrade_sha: "1e894e26d4e1423a9b0d66abd6a79505f4175ff6"
  fuelmain_sha: "f3f9f24cb48506a203d0955b37eae373b09f1c97"

http://jenkins-product.srt.mirantis.net:8080/job/custom_8.0_iso/1057/

Patch has been successfully merged. https://review.fuel-infra.org/#/c/13957/

*for mos 8.0

Verificated on fuel 8.0 iso #291

Won't Fix for 6.0-updates as there is no delivery channel for Fuel fixes in 6.0 updates

for fix security issue on already deployed environment please use Technical Bulletin[0]

[0] http://content.mirantis.com/rs/451-RBY-185/images/Mirantis-Technical-Bulletin-22.pdf

patch for 6.1 https://review.openstack.org/#/c/280135/
patch for 7.0 https://review.openstack.org/#/c/276250/

Retargeted to 6.1-mu-6 as review is taking more time than expected

Set this bug's status to Won't fix (wontfix-munotapplic) for 4.1 and 5.0 branches since we don't provide MU for them

before apply that patch on already deployed environment, please make sure that you have applied Technical Bulletin[0], otherwise after apply patch without steps from Technical Bulletin[0], images in glance may become unavailable

[0] http://content.mirantis.com/rs/451-RBY-185/images/Mirantis-Technical-Bulletin-22.pdf

Verified on MOS 7.0 + mu3 updates.

Test case is automated: https://mirantis.testrail.com/index.php?/cases/view/836637

Verified on MOS 6.1 + mu6 updates.

MOS5.1 is no longer supported, moving to Won't Fix.