On 13/11/13 18:14, Randall Burt wrote:
On Nov 13, 2013, at 9:18 AM, Zane Bitter <[email protected]>
wrote:
On 13/11/13 04:08, Andrew Plunk wrote:
2).Provide a way to express metadata about stack outputs returned from heat.
This could involve something like a "Sensitive: true" field in the Output
schema. Heat would ignore it but pass it on to clients so that something like the
dashboard could e.g. require an extra click to show it, and hide it again after a timeout.
Alternatively, as lifeless points out, you could pass the password in using a
hidden input. That's the currently supported way, and I suspect the better one
in most cases.
I mostly agree with this suggestion. For symmetry with parameters, we could simply add a
key to outputs "hidden: true". For things like stack-list, the default would be
to display a masked value like we do for parameters. I think we should then add the
ability to retrieve the unmasked values for parameters and outputs.
I think that would work well for the CLI client, but if I were the
dashboard I don't think that is the way I would want to fetch the data.
There's no actual security benefit to returning a masked value.
- ZB
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : [email protected]
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
