Add tests to check attachments are secure A vulnerability was detected in Cinder that could allow users to access other people's volumes. The solution was to limit some of the operations on attached volumes to only OpenStack services. This patch adds some negative tests to check that a user cannot directly call Cinder to detach a volume, force detach it, terminate its connection, or delete its attachment. Depends-On: I612905a1bf4a1706cce913c0d8a6df7a240d599a Related-Bug: #2004555 Change-Id: Ice6532ce7943e9a9363e443515946865541d09c2

commit: cbaf22e85dc4b4ee819bc69ad9a294d3f85b372e [log] [tgz]
author: Gorka Eguileor <geguileo@redhat.com> Thu Apr 20 17:09:43 2023 +0200
committer: Dan Smith <dansmith@redhat.com> Wed May 17 11:06:32 2023 -0700
tree: dba1758c8b9da6c21010fafee6f9dd0b04596d11
parent: e5da6756b9e7fb8fbedade5d3a428e0a8bff94ff [diff] [blame]
diff --git a/releasenotes/notes/add-volume-detach-libs-2cbb3ca924aed0ac.yaml b/releasenotes/notes/add-volume-detach-libs-2cbb3ca924aed0ac.yaml
new file mode 100644
index 0000000..30127b3
--- /dev/null
+++ b/releasenotes/notes/add-volume-detach-libs-2cbb3ca924aed0ac.yaml

@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    Add delete_attachment to the v3 AttachmentsClient and terminate_connection
+    to the v3 VolumesClient.
commit	cbaf22e85dc4b4ee819bc69ad9a294d3f85b372e	[log] [tgz]
author	Gorka Eguileor <geguileo@redhat.com>	Thu Apr 20 17:09:43 2023 +0200
committer	Dan Smith <dansmith@redhat.com>	Wed May 17 11:06:32 2023 -0700
tree	dba1758c8b9da6c21010fafee6f9dd0b04596d11
parent	e5da6756b9e7fb8fbedade5d3a428e0a8bff94ff [diff] [blame]