Actions
action #160325
closedopenQA Project - coordination #105624: [saga][epic] Reconsider how openQA handles secrets
openQA Project - coordination #157537: [epic] Secure setup of openQA test machines with secure network+secure authentication
[qe-core] Use templating system in autoyast profiles to use testapi::$password instead of nots3cr3t
Status:
Resolved
Priority:
Normal
Assignee:
Category:
Infrastructure
Target version:
Start date:
2024-05-14
Due date:
% Done:
0%
Estimated time:
Difficulty:
Sprint:
QE-Core: May Sprint 24 (May 07 - Jun 04)
Tags:
Description
Motivation¶
In https://sd.suse.com/servicedesk/customer/portal/1/SD-150437 we are asked to handle "compromised root passwords in QA segments"
Goals¶
- G1: Autoyast profiles in
os-autoinst-distri-opensuse/data
have variables instead of nots3cr3t password
Suggestions¶
In theory, this should be fairly straightforward, however, there are cases where the password is already hashed (i.e, slepos) where we might need to contact people from other areas
In the end, this should support the autoyast part of #157555
Actions