• Nir Magnezi's avatar
    Encrypt certs and keys · ae7c87f5
    Nir Magnezi authored
    Octavia creates certificates and keys to manage encrypted
    communication channel to amphorae.
    When debug is enabled, the python taskflow module will log
    all the information we provide to tasks (and sub-flows)
    when we create amphorae or handle with anything related to
    certificates and keys management (rotations, etc).
    
    There are ways to tell taskflow to exclude specific things
    from being logged (e.g., I136081045787c1bbe3ee846d5845a34201c57864).
    While this handles some information in specific flows from being
    logged, it is susceptive to code changes.
    
    To avoid an everlasting whack-a-mole game, this patch will merely
    encrypt sensitive information so we can safely log it and decrypts
    it only when we need to use it.
    
    Change-Id: I06d329ca53bc36bd27f7870ae7c7ca0cf18575b2
    ae7c87f5
utils.py 3.96 KB