Contribute: zfs driver and zfs driver shared over ISCSI #5654
Conversation
rsmontero
force-pushed
the
master
branch
4 times, most recently
from
0b269ff
to
b94dad5
Compare
| enabled: true | ||
| actions: | ||
| change_authentication: true | ||
| update_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
rsmontero
force-pushed
the
master
branch
2 times, most recently
from
9e1985e
to
d019bd4
Compare
| settings_auth_tab: true | ||
| actions: | ||
| # Buttons for settings_info_tab | ||
| User.update_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| # Buttons for settings_config_tab | ||
| Settings.change_language: true | ||
| Settings.change_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| settings_auth_tab: true | ||
| actions: | ||
| # Buttons for settings_info_tab | ||
| User.update_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| User.two_factor_auth: true | ||
| # Buttons for settings_config_tab | ||
| Settings.change_language: true | ||
| Settings.change_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| settings_auth_tab: true | ||
| actions: | ||
| # Buttons for settings_info_tab | ||
| User.update_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| settings_showback_tab: true | ||
| actions: | ||
| # Buttons for settings_info_tab | ||
| User.update_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| User.two_factor_auth: true | ||
| # Buttons for settings_config_tab | ||
| Settings.change_language: true | ||
| Settings.change_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| # Buttons for settings_config_tab | ||
| Settings.change_language: true | ||
| Settings.change_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| User.two_factor_auth: true | ||
| # Buttons for settings_config_tab | ||
| Settings.change_language: true | ||
| Settings.change_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| actions: | ||
| User.refresh: true | ||
| User.create_dialog: true | ||
| User.update_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| settings_auth_tab: true | ||
| actions: | ||
| # Buttons for settings_info_tab | ||
| User.update_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| actions: | ||
| User.refresh: true | ||
| User.create_dialog: true | ||
| User.update_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| actions: | ||
| # Buttons for settings_info_tab | ||
| User.update_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| User.two_factor_auth: true | ||
| # Buttons for settings_config_tab | ||
| Settings.change_language: true | ||
| Settings.change_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| actions: | ||
| User.refresh: true | ||
| User.create_dialog: true | ||
| User.update_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| actions: | ||
| User.refresh: true | ||
| User.create_dialog: true | ||
| User.update_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| actions: | ||
| User.refresh: true | ||
| User.create_dialog: true | ||
| User.update_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| User.two_factor_auth: true | ||
| # Buttons for settings_config_tab | ||
| Settings.change_language: true | ||
| Settings.change_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| actions: | ||
| User.refresh: true | ||
| User.create_dialog: true | ||
| User.update_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
| actions: | ||
| # Buttons for settings_info_tab | ||
| User.update_password: true |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
It appears your code contains a hardcoded password. Hardcoded secrets or credentials can allow attackers to bypass authentication methods and perform malicious actions. We recommend revoking access to resources using this credential and storing future credentials in a management service such as AWS Secrets Manager.
Signed-off-by: Mikalai Kutouski <[email protected]>
Signed-off-by: Victor Hansson <[email protected]>
Signed-off-by: Victor Hansson <[email protected]>
* For wild VMs do only basic monitoring, skip extended info
Signed-off-by: Victor Hansson <[email protected]>
* Include field path for ALL form errors * Fix VNC validation Signed-off-by: Victor Hansson <[email protected]>
- allow newer ansible in provision - remove unsused files, roles - simplify opennebula-node-kvm - remove unsued ceonts files, - rename yaml -> yml - replace `include:` with `include_tasks:` - don't restart frr - bump Ceph version in HCI to Reef, adopt ceph-opennebula-mon
| * @param {string} token - token JWT | ||
| * @returns {object} data JWT | ||
| */ | ||
| const jwtDecode = (token = '') => { |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
Avoid using == and === operators with sensitive data fields like passwords, api keys, tokens etc. as they are vulnerable to timing attack. Consider using crypto.timingSafeEqual or secure-compare for time-safe string comparison.
| */ | ||
| const getNodesService = ( | ||
| user = '', | ||
| password = '', |
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
Avoid using == and === operators with sensitive data fields like passwords, api keys, tokens etc. as they are vulnerable to timing attack. Consider using crypto.timingSafeEqual or secure-compare for time-safe string comparison.
| @@ -90,6 +91,11 @@ def get_devices(filter = nil) | |||
| end.flatten | |||
| end | |||
|
|
|||
| def device_attr?(device, attribute) | |||
| addr = "0000:#{device[:bus]}:#{device[:slot]}.#{device[:function]}" | |||
| !`ls -l /sys/bus/pci/devices/#{addr}/ | grep #{attribute}`.empty? | |||
There was a problem hiding this comment.
Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.
Detected a dangerous subshell execution vulnerability where user input is directly used in a shell command without proper sanitisation. This could allow an attacker to inject and execute arbitrary system commands, potentially leading to system compromise or data breach. To remediate, avoid using shell commands with user input when possible, or implement strict input validation and use shell escaping functions like Shellwords.escape(). If shell execution is necessary, consider using a allow list of allowed commands and arguments. Link to more info : https://guides.rubyonrails.org/security.html
Signed-off-by: dcarracedo <[email protected]>
Co-authored-by: Tino Vázquez <[email protected]>
when attach nic after create a vm Signed-off-by: dcarracedo <[email protected]>
Fix is the same applied here: c9742ad3d798e3c (use to_s to prevent nil.upcase calls)
Signed-off-by: Neal Hansen <[email protected]> Co-authored-by: Tino Vázquez <[email protected]>
* Schemas validated by online tool * Ambiguity errors not solved
Signed-off-by: dcarracedo <[email protected]>
(cherry picked from commit 08e7ff3)
Add a check before dereferencing the group roles pointer. (cherry picked from commit 48bab98)
Signed-off-by: Victor Hansson <[email protected]>
* Cleanup oned in case of initialization error * Fix monitoring after onemonitord restart. The code includes a "hook" point in case a driver is re-started so custom code can be executed. InformationManager sends the list of hosts and raft status in this case. * B #5801: Update error msg, in case of duplicated drivers
I make available my integration work on zfs, based on the ceph driver.
zfs is for single node and zfs_iscsi for shared
https://github.com/openmilanese/zfs_iscsi.git
https://github.com/openmilanese/zfs.git