diff options
author | Jan Pokorný <jpokorny@redhat.com> | 2014-03-27 13:24:40 +0100 |
---|---|---|
committer | Jan Pokorný <jpokorny@redhat.com> | 2014-03-27 13:24:40 +0100 |
commit | a61d4129a37655958d66276e03d6561b6b2c0c36 (patch) | |
tree | f3aa195143b26bb37702b013ead177182631cb45 /commands | |
parent | 758e58e98627dd3297b7a911dc72c8dfd8779abc (diff) | |
download | clufter-a61d4129a37655958d66276e03d6561b6b2c0c36.tar.gz clufter-a61d4129a37655958d66276e03d6561b6b2c0c36.tar.xz clufter-a61d4129a37655958d66276e03d6561b6b2c0c36.zip |
commands/ccs_obfuscate: be more explicit about the expectations
Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
Diffstat (limited to 'commands')
-rw-r--r-- | commands/ccs_obfuscate.py | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/commands/ccs_obfuscate.py b/commands/ccs_obfuscate.py index 6a294e9..e8b2be3 100644 --- a/commands/ccs_obfuscate.py +++ b/commands/ccs_obfuscate.py @@ -19,6 +19,17 @@ def ccs_obfuscate(cmd_ctxt, Either obfuscation pass can be suppressed by skip parameter, by default they are performed both in row. + Following conventions are used for substituted ids/credentials: + 1. identifiers used for crosslinking (referential integrity) + ought to be converted in a way not violating this integrity + 2. identifiers clearly out of referential integrity (i.e., + arbitrary value unrelated to the rest of the XML tree) + ought to be substituted with strings starting with 'REL-' + 3. credentials ought to be substituted with strings starting + with 'SECRET-' + 4. overall, any affected item should be substituted with + capitalized string to visually emphasize the substitution + Options: input input CMAN-based cluster configuration file output output file with obfuscated credentials/identifiers |