GutoVeronezi commented on code in PR #6710:
URL: https://github.com/apache/cloudstack/pull/6710#discussion_r969547175
##########
server/src/main/java/com/cloud/network/NetworkModelImpl.java:
##########
@@ -2619,6 +2625,14 @@ public List<String[]> generateVmData(String userData,
String serviceOffering, lo
vmData.add(new String[]{PASSWORD_DIR, PASSWORD_FILE, password});
}
vmData.add(new String[]{METATDATA_DIR, HYPERVISOR_HOST_NAME_FILE,
hostname});
+
+ Domain domain = _domainDao.findById(vm.getDomainId());
+ if (domain != null &&
VirtualMachineManager.AllowExposeDomainInMetadata.valueIn(domain.getId())) {
+ s_logger.debug("Adding domain info to cloud metadata");
Review Comment:
Regarding @DaanHoogland's comment, operators already have access to the VMs
metadata (e.g.: while listing the VMs via API) and these data are printed
several times in other logs; therefore, I do not see how could it be a security
concern in this case. Am I missing something?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
