incompatible auth_encryption_key between heat and heat-cfn
Bug #2036890 reported by
Guillaume Boutry
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Juju Charmed Operator - Heat K8S |
Fix Committed
|
High
|
Hemanth Nakkina | ||
OpenStack Snap |
Triaged
|
High
|
Unassigned |
Bug Description
auth_encryption_key is used by heat to stored sensitive data in database. This must be the same between all units.
Since charm-heat-k8s stores this value in its peer relation which is not shared between heat and heat-cfn.
Since heat requests are executed by both engines (asynchronously thanks to rabbitmq), some part of the sensitive data is stored with heat's auth_encryption_key and cannot be read by heat-cfn's engine (and vice-versa)
Changed in charm-heat-k8s: | |
importance: | Undecided → High |
Changed in charm-heat-k8s: | |
status: | New → Triaged |
assignee: | nobody → Hemanth Nakkina (hemanth-n) |
Changed in snap-openstack: | |
status: | New → Triaged |
Changed in charm-heat-k8s: | |
status: | Triaged → Fix Committed |
To post a comment you must log in.
Fix proposed to branch: main /review. opendev. org/c/openstack /charm- heat-k8s/ +/897663
Review: https:/