From bc94e3403ebab364fff7603c1a353c793b52966e Mon Sep 17 00:00:00 2001 From: "k4.rahul" Date: Fri, 5 May 2023 15:52:47 +0530 Subject: [PATCH] Coverity-CWE 260: Password in Configuration File MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Hardcoded credentials in​ configuration file​ remove from the cloud-config.txt file as it is not being used anywhere in the test case Change-Id: I101e4b9b6f48fa6d34822bc6f400552329f9aa18 Signed-off-by: k4.rahul --- .../Scripts/cloud_init/cloud-config.txt | 1 - .../Scripts/cloud_init/cloud-config.txt | 1 - .../Scripts/cloud_init/cloud-config.txt | 1 - .../notes/fix_cwe_260-badcbfc255dd5e34.yaml | 22 +++++++++++++++++++ 4 files changed, 22 insertions(+), 3 deletions(-) create mode 100644 releasenotes/notes/fix_cwe_260-badcbfc255dd5e34.yaml diff --git a/osm_common/tests/packages/invalid_package_vnf/Scripts/cloud_init/cloud-config.txt b/osm_common/tests/packages/invalid_package_vnf/Scripts/cloud_init/cloud-config.txt index 7a83e12..5c78ae3 100755 --- a/osm_common/tests/packages/invalid_package_vnf/Scripts/cloud_init/cloud-config.txt +++ b/osm_common/tests/packages/invalid_package_vnf/Scripts/cloud_init/cloud-config.txt @@ -19,7 +19,6 @@ # #cloud-config -password: osm4u chpasswd: { expire: False } ssh_pwauth: True diff --git a/osm_common/tests/packages/native_charm_with_metadata_dir_vnf/Scripts/cloud_init/cloud-config.txt b/osm_common/tests/packages/native_charm_with_metadata_dir_vnf/Scripts/cloud_init/cloud-config.txt index f5d56f6..1e33dd4 100755 --- a/osm_common/tests/packages/native_charm_with_metadata_dir_vnf/Scripts/cloud_init/cloud-config.txt +++ b/osm_common/tests/packages/native_charm_with_metadata_dir_vnf/Scripts/cloud_init/cloud-config.txt @@ -20,7 +20,6 @@ #cloud-config -password: osm4u chpasswd: { expire: False } ssh_pwauth: True diff --git a/osm_common/tests/packages/native_charm_without_metadata_dir_vnf/Scripts/cloud_init/cloud-config.txt b/osm_common/tests/packages/native_charm_without_metadata_dir_vnf/Scripts/cloud_init/cloud-config.txt index f5d56f6..1e33dd4 100755 --- a/osm_common/tests/packages/native_charm_without_metadata_dir_vnf/Scripts/cloud_init/cloud-config.txt +++ b/osm_common/tests/packages/native_charm_without_metadata_dir_vnf/Scripts/cloud_init/cloud-config.txt @@ -20,7 +20,6 @@ #cloud-config -password: osm4u chpasswd: { expire: False } ssh_pwauth: True diff --git a/releasenotes/notes/fix_cwe_260-badcbfc255dd5e34.yaml b/releasenotes/notes/fix_cwe_260-badcbfc255dd5e34.yaml new file mode 100644 index 0000000..51f03a9 --- /dev/null +++ b/releasenotes/notes/fix_cwe_260-badcbfc255dd5e34.yaml @@ -0,0 +1,22 @@ +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +--- +security: + - | + Coverity-CWE 260: Password in Configuration File + Hardcoded credentials in configuration file are removed from the cloud-config.txt file + as it is not being used anywhere in the test case. -- 2.25.1