This is a follow up to https://review.openstack.org/59621 to get broader discussion..
So at the moment we capture a bunch of details in the image - what parameters the image was built with and some environment variables. Last week we were capturing everything, which there is broad consensus was too much, but it seems to me that that is based on two things: - the security ramifications of unanticipated details being baked into the image - many variables being irrelevant most of the time I think those are both good points. But... the problem with diagnostic information is you don't know that you need it until you don't have it. I'm particularly worried that things like bad http proxies, and third party elements that need variables we don't know about will be undiagnosable. Forcing everything through a DIB_FOO variable thunk seems like just creating work for ourselves - I'd like to avoid that. Further, some variables we should capture (like http_proxy) have passwords embedded in them, so even whitelisting what variables to capture doesn't solve the general problem. So - what about us capturing this information outside the image: we can create a uuid for the build, and write a file in the image with that uuid, and outside the image we can write: - all variables (no security ramifications now as this file can be kept by whomever built the image) - command line args - version information for the toolchain etc. -Rob -- Robert Collins <rbtcoll...@hp.com> Distinguished Technologist HP Converged Clous _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
