Project

General

Profile

Actions
Copy link

action #173938

open

Remove hardcode password for wsl/Autounattend_BIOS.xml and wsl/Autounattend_UEFI.xml

Added by tinawang123 3 months ago. Updated 8 days ago.

Status:
Workable
Priority:
Normal
Assignee:
-
Target version:
-
Start date:
2024-12-09
Due date:
% Done:

0%

Estimated time:
Tags:
WSL

Description

Motivation
In https://sd.suse.com/servicedesk/customer/portal/1/SD-150437 we are asked to handle "compromised root passwords in QA segments"

We should not use hardcode password in whole os-autoinst-distri-opensuse. So remove hardcode password on the data directory first.

Related ticket: https://progress.opensuse.org/issues/160334

On the data directory only two files include hardcode password:
grep -r 'nots3cr3t' data/*
data/wsl/Autounattend_BIOS.xml: nots3cr3t
data/wsl/Autounattend_UEFI.xml: nots3cr3t

Related issues 1 (0 open1 closed)

Related to openQA Tests (public) - action #160334: [qe-core] Add CI/CD check to avoid uses of nots3cr3t or other hardcoded password in pull requestsResolvedtinawang1232024-09-06

Actions
Actions
Copy link
 #1

Updated by tinawang123 3 months ago

  • Related to action #160334: [qe-core] Add CI/CD check to avoid uses of nots3cr3t or other hardcoded password in pull requests added
Actions
Copy link
 #2

Updated by pherranz 8 days ago

  • Status changed from New to Workable
  • Assignee deleted (pherranz)
Actions
Copy link
 #3

Updated by pherranz 8 days ago

  • Tags set to WSL
Actions
Copy link
 #4

Updated by pherranz 8 days ago

  • Project changed from openQA Tests (public) to Containers and images
Actions
Copy link

Also available in: Atom PDF