Merge "Hide credential strings from puppet logs"
This commit is contained in:
commit
28a866b03c
@ -45,5 +45,29 @@ Puppet::Type.newtype(:ceph_config) do
|
||||
value.downcase! if value =~ /^(true|false)$/i
|
||||
value
|
||||
end
|
||||
|
||||
def is_to_s( currentvalue )
|
||||
if resource.secret?
|
||||
return '[old secret redacted]'
|
||||
else
|
||||
return currentvalue
|
||||
end
|
||||
end
|
||||
|
||||
def should_to_s( newvalue )
|
||||
if resource.secret?
|
||||
return '[new secret redacted]'
|
||||
else
|
||||
return newvalue
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
newparam(:secret, :boolean => true) do
|
||||
desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
|
||||
|
||||
newvalues(:true, :false)
|
||||
|
||||
defaultto false
|
||||
end
|
||||
end
|
||||
|
@ -88,6 +88,6 @@ define ceph::rgw::keystone (
|
||||
"client.${name}/rgw_keystone_admin_domain": value => $rgw_keystone_admin_domain;
|
||||
"client.${name}/rgw_keystone_admin_project": value => $rgw_keystone_admin_project;
|
||||
"client.${name}/rgw_keystone_admin_user": value => $rgw_keystone_admin_user;
|
||||
"client.${name}/rgw_keystone_admin_password": value => $rgw_keystone_admin_password;
|
||||
"client.${name}/rgw_keystone_admin_password": value => $rgw_keystone_admin_password, secret => true;
|
||||
}
|
||||
}
|
||||
|
@ -0,0 +1,6 @@
|
||||
---
|
||||
features:
|
||||
- |
|
||||
Now the ``ceph_config`` resource type supports the new ``secret`` property.
|
||||
When this property is set to ``true``, value of the parameter is hidden
|
||||
from puppet logs.
|
@ -46,7 +46,7 @@ describe 'ceph::rgw::keystone' do
|
||||
it { should contain_ceph_config('client.radosgw.gateway/rgw_keystone_admin_domain').with_value('default') }
|
||||
it { should contain_ceph_config('client.radosgw.gateway/rgw_keystone_admin_project').with_value('openstack') }
|
||||
it { should contain_ceph_config('client.radosgw.gateway/rgw_keystone_admin_user').with_value('rgwuser') }
|
||||
it { should contain_ceph_config('client.radosgw.gateway/rgw_keystone_admin_password').with_value('123456') }
|
||||
it { should contain_ceph_config('client.radosgw.gateway/rgw_keystone_admin_password').with_value('123456').with_secret(true) }
|
||||
it { should contain_ceph_config('client.radosgw.gateway/rgw_keystone_url').with_value('http://127.0.0.1:5000') }
|
||||
it { should contain_ceph_config('client.radosgw.gateway/rgw_keystone_accepted_roles').with_value('member') }
|
||||
it { should contain_ceph_config('client.radosgw.gateway/rgw_keystone_token_cache_size').with_value(500) }
|
||||
@ -84,7 +84,7 @@ describe 'ceph::rgw::keystone' do
|
||||
it { should contain_ceph_config('client.radosgw.custom/rgw_keystone_admin_domain').with_value('default') }
|
||||
it { should contain_ceph_config('client.radosgw.custom/rgw_keystone_admin_project').with_value('openstack') }
|
||||
it { should contain_ceph_config('client.radosgw.custom/rgw_keystone_admin_user').with_value('rgwuser') }
|
||||
it { should contain_ceph_config('client.radosgw.custom/rgw_keystone_admin_password').with_value('123456') }
|
||||
it { should contain_ceph_config('client.radosgw.custom/rgw_keystone_admin_password').with_value('123456').with_secret(true) }
|
||||
it { should contain_ceph_config('client.radosgw.custom/rgw_keystone_url').with_value('http://keystone.custom:5000') }
|
||||
it { should contain_ceph_config('client.radosgw.custom/rgw_keystone_accepted_roles').with_value('_role1_,role2') }
|
||||
it { should contain_ceph_config('client.radosgw.custom/rgw_keystone_token_cache_size').with_value(100) }
|
||||
|
Loading…
Reference in New Issue
Block a user