github-actions[bot] opened a new issue, #13310: URL: https://github.com/apache/cloudstack/issues/13310
## ๐ Apache CloudStack โ Daily Status Report *Generated: June 1, 2026* --- ## ๐ Recent Releases | Release | Date | Type | |---------|------|------| | [4.22.1.0 LTS](https://github.com/apache/cloudstack/releases/tag/4.22.1.0) | May 26, 2026 | Maintenance | | [4.22.0.1 LTS Security](https://github.com/apache/cloudstack/releases/tag/4.22.0.1) | May 8, 2026 | Security (7 CVEs) | | [4.20.3.0 LTS](https://github.com/apache/cloudstack/releases/tag/4.20.3.0) | Apr 17, 2026 | Maintenance | Great momentum with a fresh LTS maintenance release just last week! ๐ --- ## ๐ Active Pull Requests โ Highlights ### ๐ Major Features in Review - **`#13032`** โ Network Extension: Orchestrate external network devices *(weizhouapache)* โ significant infrastructure enhancement - **`#13033`** โ Keycloak OAuth provider *(tazouxme)* โ modern SSO integration - **`#13270`** โ VDDK VMware VM migrations to Ceph storage *(andrijapanicsb)* - **`#13294`** โ VDDK imports into RBD storage *(andrijapanicsb)* - **`#12124`** โ Dell EMC ECS Object Storage Plugin *(mhkadhum)* - **`#12758`** โ New KBOSS backup provider *(JoaoJandre)* - **`#12321`** โ Storage Manager tech debt cleanup *(DaanHoogland)* ### ๐ ๏ธ CI/Quality Improvements - **`#12932`** & **`#12836`** โ Pre-commit hook improvements and reusable CI workflows *(jbampton)* - **`#9796`** โ Update cloud-web-ipallocator.py ### ๐ Security - **`#13293`** โ Draft project security threat-model document *(potiuk)* โ proactive security documentation! --- ## โ Recently Merged - **`#13204`** โ Fix local upload from browser failing due to SSVM cert trust *(abh1sar)* - **`#13180`** โ Fix Instance Backup related events *(abh1sar)* - **`#13021`** โ Fix CPVM states validation in multiple zones *(Tonitzpp)* - **`#13078`** โ Linstor: surface ambiguous template fallbacks, legacy orphan cleanup *(jmsperu)* - **`#13050`** โ FlashArray: fall back to array capacity when pod has no quota *(genegr)* - **`#12961`** โ Refactor Quota balance *(winterhazel)* - **`#13238`** โ Docs: note MariaDB support in README *(robertsilen)* --- ## ๐จ Attention Needed โ Security Issues A batch of **14 security vulnerability reports** was filed today by `YLChen-007`, all related to **sensitive credential/password exposure in log files and exception messages** across various subsystems: - Script.java Ceph RBD credentials in logs (`#13309`) - OVM3 hypervisor plaintext passwords (`#13308`) - Baremetal SSH/user-data log exposure (`#13307`) - SSHCmdHelper keystore credentials (`#13306`) - Physical host credential exposure (`#13303`) - CIFS storage credentials in logs (`#13300`, `#13297`) - IPMI Tool plaintext passwords (`#13296`) - ...and several more > ๐ก **Recommendation for maintainers:** Triage these security issues promptly. Many may be related and could benefit from a coordinated fix (e.g., systematic log sanitization). Consider assigning to the security team for consolidated review. --- ## ๐ Project Health Snapshot | Metric | Status | |--------|--------| | Open PRs (active) | ~20 tracked, many feature-rich | | Release cadence | โ On track (4.22.1.0 just released) | | Security posture | โ ๏ธ New batch of log-exposure issues needs triage | | CI/tooling | ๐ Ongoing improvements via jbampton's pre-commit work | --- ## ๐ฏ Recommended Next Steps for Maintainers 1. **๐ด Security triage** โ Review and assign the 14 new credential-exposure issues from YLChen-007; consider a unified fix tracking issue 2. **๐ก PR reviews** โ Network Extension (`#13032`) and Keycloak OAuth (`#13033`) are high-value features awaiting review 3. **๐ข VDDK storage PRs** โ `#13270` and `#13294` from andrijapanicsb complement each other and could be reviewed together 4. **๐ข Storage Plugin** โ Dell EMC ECS Object Storage Plugin (`#12124`) looks mature โ worth a close review 5. **๐ Security threat model** โ `#13293` is a great initiative; early feedback would help shape the document --- *Keep up the fantastic work, Apache CloudStack community! ๐ฉ๏ธโ๏ธ* > Generated by [Repo Status](https://github.com/apache/cloudstack/actions/runs/26722545153) ยท sonnet46 546.5K ยท [โท](https://github.com/search?q=repo%3Aapache%2Fcloudstack+is%3Aissue+%22gh-aw-workflow-call-id%3A+apache%2Fcloudstack%2Fdaily-repo-status%22&type=issues) > <details> <summary>Add this agentic workflows to your repo</summary> To install this agentic workflow, run ``` gh aw add githubnext/agentics/workflows/repo-status.md@main ``` </details> <!-- gh-aw-agentic-workflow: Repo Status, engine: copilot, version: 1.0.52, model: claude-sonnet-4.6, id: 26722545153, workflow_id: daily-repo-status, run: https://github.com/apache/cloudstack/actions/runs/26722545153 --> <!-- gh-aw-workflow-id: daily-repo-status --> <!-- gh-aw-workflow-call-id: apache/cloudstack/daily-repo-status --> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
