vdombrovski opened a new issue, #6620:
URL: https://github.com/apache/cloudstack/issues/6620
<!--
Verify first that your issue/request is not already reported on GitHub.
Also test if the latest release and main branch are affected too.
Always add information AFTER of these HTML comments, but no need to delete
the comments.
-->
##### ISSUE TYPE
<!-- Pick one below and delete the rest -->
* Bug Report
##### COMPONENT NAME
<!--
Categorize the issue, e.g. API, VR, VPN, UI, etc.
-->
~~~
Core
~~~
##### CLOUDSTACK VERSION
<!--
New line separated list of affected versions, commit ID for issues on main
branch.
-->
~~~
4.17.0.0
~~~
##### CONFIGURATION
<!--
Information about the configuration if relevant, e.g. basic network,
advanced networking, etc. N/A otherwise
-->
N/A
##### OS / ENVIRONMENT
<!--
Information about the environment if relevant, N/A otherwise
-->
N/A
##### SUMMARY
<!-- Explain the problem/feature briefly -->
Created tags are not deleted when the user releases an public IP address. If
the public IP is then assigned to another user, it will still contain all the
previous tags. This interferes with automation tools that expect a clean
resource, and could allow other accounts to access potentially sensitive
metadata.
I understand that in some cases this would be considered a feature, however
this makes it unusable to provide shared IP pools that could be used by several
accounts. (at least while the permission to edit tags is granted)
##### STEPS TO REPRODUCE
<!--
For bugs, show exactly how to reproduce the problem, using a minimal
test-case. Use Screenshots if accurate.
For new features, show how the feature would be used.
-->
<!-- Paste example playbooks or commands between quotes below -->
~~~
# using cmk
associate ipaddress domainid=[...] networkid=[...] vpcid=[...]
[...]
list tags resourcetype=publicipaddress
resourceid=86b1b359-1879-488b-ba9c-772cceeb6908 listall=true
create tags resourcetype=publicipaddress
resourceids=86b1b359-1879-488b-ba9c-772cceeb6908 tags[0].key=somekey
tags[0].value=somevalue
success = true
list tags resourcetype=publicipaddress
resourceid=86b1b359-1879-488b-ba9c-772cceeb6908 listall=true
count = 1
tag:
domain = XXX
key = somekey
value = somevalue
resourcetype = PublicIpAddress
resourceid = 86b1b359-1879-488b-ba9c-772cceeb6908
account = XXX
domainid =XXX
disassociate ipaddress id=86b1b359-1879-488b-ba9c-772cceeb6908
success = true
list tags resourcetype=publicipaddress
resourceid=86b1b359-1879-488b-ba9c-772cceeb6908 listall=true
count = 1
tag:
domain = XXX
key = somekey
value = somevalue
resourcetype = PublicIpAddress
resourceid = 86b1b359-1879-488b-ba9c-772cceeb6908
account = XXX
domainid =XXX
~~~
<!-- You can also paste gist.github.com links for larger files -->
##### EXPECTED RESULTS
<!-- What did you expect to happen when running the steps above? -->
Expected the tags to be removed when the IP is disassociated (freed)
##### ACTUAL RESULTS
<!-- What actually happened? -->
<!-- Paste verbatim command output between quotes below -->
Tags are still present, and will continue to exist until they are deleted
manually via "deleteTags"
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
