-
Notifications
You must be signed in to change notification settings - Fork 479
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Contribute: zfs driver and zfs driver shared over ISCSI #5654
base: one-6.2
Are you sure you want to change the base?
Conversation
0b269ff
to
b94dad5
Compare
enabled: true | ||
actions: | ||
change_authentication: true | ||
update_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
9e1985e
to
d019bd4
Compare
settings_auth_tab: true | ||
actions: | ||
# Buttons for settings_info_tab | ||
User.update_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
# Buttons for settings_config_tab | ||
Settings.change_language: true | ||
Settings.change_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
settings_auth_tab: true | ||
actions: | ||
# Buttons for settings_info_tab | ||
User.update_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
User.two_factor_auth: true | ||
# Buttons for settings_config_tab | ||
Settings.change_language: true | ||
Settings.change_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
settings_auth_tab: true | ||
actions: | ||
# Buttons for settings_info_tab | ||
User.update_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
settings_showback_tab: true | ||
actions: | ||
# Buttons for settings_info_tab | ||
User.update_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
User.two_factor_auth: true | ||
# Buttons for settings_config_tab | ||
Settings.change_language: true | ||
Settings.change_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
# Buttons for settings_config_tab | ||
Settings.change_language: true | ||
Settings.change_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
User.two_factor_auth: true | ||
# Buttons for settings_config_tab | ||
Settings.change_language: true | ||
Settings.change_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
actions: | ||
User.refresh: true | ||
User.create_dialog: true | ||
User.update_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
settings_auth_tab: true | ||
actions: | ||
# Buttons for settings_info_tab | ||
User.update_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
actions: | ||
User.refresh: true | ||
User.create_dialog: true | ||
User.update_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
actions: | ||
# Buttons for settings_info_tab | ||
User.update_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
User.two_factor_auth: true | ||
# Buttons for settings_config_tab | ||
Settings.change_language: true | ||
Settings.change_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
actions: | ||
User.refresh: true | ||
User.create_dialog: true | ||
User.update_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
actions: | ||
User.refresh: true | ||
User.create_dialog: true | ||
User.update_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
actions: | ||
User.refresh: true | ||
User.create_dialog: true | ||
User.update_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
User.two_factor_auth: true | ||
# Buttons for settings_config_tab | ||
Settings.change_language: true | ||
Settings.change_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
actions: | ||
User.refresh: true | ||
User.create_dialog: true | ||
User.update_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
actions: | ||
# Buttons for settings_info_tab | ||
User.update_password: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
Signed-off-by: Mikalai Kutouski <[email protected]>
Signed-off-by: Victor Hansson <[email protected]>
Signed-off-by: Victor Hansson <[email protected]>
* For wild VMs do only basic monitoring, skip extended info
Signed-off-by: Victor Hansson <[email protected]>
* Include field path for ALL form errors * Fix VNC validation Signed-off-by: Victor Hansson <[email protected]>
- allow newer ansible in provision - remove unsused files, roles - simplify opennebula-node-kvm - remove unsued ceonts files, - rename yaml -> yml - replace `include:` with `include_tasks:` - don't restart frr - bump Ceph version in HCI to Reef, adopt ceph-opennebula-mon
* @param {string} token - token JWT | ||
* @returns {object} data JWT | ||
*/ | ||
const jwtDecode = (token = '') => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
Avoid using ==
and ===
operators with sensitive data fields like passwords, api keys, tokens etc. as they are vulnerable to timing attack. Consider using crypto.timingSafeEqual
or secure-compare
for time-safe string comparison.
*/ | ||
const getNodesService = ( | ||
user = '', | ||
password = '', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
Avoid using ==
and ===
operators with sensitive data fields like passwords, api keys, tokens etc. as they are vulnerable to timing attack. Consider using crypto.timingSafeEqual
or secure-compare
for time-safe string comparison.
@@ -90,6 +91,11 @@ def get_devices(filter = nil) | |||
end.flatten | |||
end | |||
|
|||
def device_attr?(device, attribute) | |||
addr = "0000:#{device[:bus]}:#{device[:slot]}.#{device[:function]}" | |||
!`ls -l /sys/bus/pci/devices/#{addr}/ | grep #{attribute}`.empty? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
Detected a dangerous subshell execution vulnerability where user input is directly used in a shell command without proper sanitisation. This could allow an attacker to inject and execute arbitrary system commands, potentially leading to system compromise or data breach. To remediate, avoid using shell commands with user input when possible, or implement strict input validation and use shell escaping functions like Shellwords.escape(). If shell execution is necessary, consider using a allow list of allowed commands and arguments. Link to more info : https://guides.rubyonrails.org/security.html
Signed-off-by: dcarracedo <[email protected]>
Co-authored-by: Tino Vázquez <[email protected]>
when attach nic after create a vm Signed-off-by: dcarracedo <[email protected]>
Fix is the same applied here: c9742ad3d798e3c (use to_s to prevent nil.upcase calls)
Signed-off-by: Neal Hansen <[email protected]> Co-authored-by: Tino Vázquez <[email protected]>
* Schemas validated by online tool * Ambiguity errors not solved
Signed-off-by: dcarracedo <[email protected]>
(cherry picked from commit 08e7ff3)
Add a check before dereferencing the group roles pointer. (cherry picked from commit 48bab98)
Signed-off-by: Victor Hansson <[email protected]>
* Cleanup oned in case of initialization error * Fix monitoring after onemonitord restart. The code includes a "hook" point in case a driver is re-started so custom code can be executed. InformationManager sends the list of hosts and raft status in this case. * B #5801: Update error msg, in case of duplicated drivers
I make available my integration work on zfs, based on the ceph driver.
zfs is for single node and zfs_iscsi for shared
https://github.com/openmilanese/zfs_iscsi.git
https://github.com/openmilanese/zfs.git