mgr/orch: read untrusted input using the yaml SafeLoader

[mgfritch]

https://msg.pyyaml.org/load

Signed-off-by: Michael Fritch mfritch@suse.com

Checklist

• References tracker ticket
• Updates documentation if necessary
• Includes tests for new functionality or reproducer for bug

---

Show available Jenkins commands

• jenkins retest this please
• jenkins test classic perf
• jenkins test crimson perf
• jenkins test signed
• jenkins test make check
• jenkins test make check arm64
• jenkins test submodules
• jenkins test dashboard
• jenkins test dashboard backend
• jenkins test docs
• jenkins render docs
• jenkins test ceph-volume all
• jenkins test ceph-volume tox

[sebastian-philipp]

do we have a test for this code?

[tchaikov]

jenkins test docs

[tchaikov]

• http://pulpito.ceph.com/kchai-2020-06-23_07:49:50-rados-wip-kefu-testing-2020-06-23-1007-distro-basic-smithi/

• http://pulpito.ceph.com/kchai-2020-06-23_15:15:59-rados-wip-kefu-testing-2020-06-23-1353-distro-basic-smithi/

• http://pulpito.ceph.com/kchai-2020-06-23_07:49:50-rados-wip-kefu-testing-2020-06-23-1007-distro-basic-smithi/5171960, no clues, osd.2 failed to reply queries from osd.0 when peering. but there was no clues in its log.

• http://pulpito.ceph.com/kchai-2020-06-23_15:15:59-rados-wip-kefu-testing-2020-06-23-1353-distro-basic-smithi/5173648: tracked by https://tracker.ceph.com/issues/45721

• http://pulpito.ceph.com/kchai-2020-06-23_15:15:59-rados-wip-kefu-testing-2020-06-23-1353-distro-basic-smithi/5173654/: no tests failed..