From e746c9e412770785d708e3763843cb4bde2bde23 Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Fri, 21 Jul 2023 14:56:41 +0900 Subject: [PATCH] Ensure absolute path for file creation There are a few parameters used as a file path when creating files. These should be absolute path, otherwise file resources fail. This adds validation at parameter layer to avoid exposing internal errors. Change-Id: I348838c5ca736056dac00c2a0b1ab5063d4d9289 --- manifests/key.pp | 2 +- manifests/mds.pp | 20 ++++++++++---------- manifests/rgw.pp | 38 +++++++++++++++++++------------------- 3 files changed, 30 insertions(+), 30 deletions(-) diff --git a/manifests/key.pp b/manifests/key.pp index 62ad8af1..dc4bccda 100644 --- a/manifests/key.pp +++ b/manifests/key.pp @@ -77,7 +77,7 @@ define ceph::key ( $secret, $cluster = undef, - $keyring_path = "/etc/ceph/ceph.${name}.keyring", + Stdlib::Absolutepath $keyring_path = "/etc/ceph/ceph.${name}.keyring", $cap_mon = undef, $cap_osd = undef, $cap_mds = undef, diff --git a/manifests/mds.pp b/manifests/mds.pp index 715b8edc..aab3a29b 100644 --- a/manifests/mds.pp +++ b/manifests/mds.pp @@ -51,16 +51,16 @@ # Optional. Default to 'ceph'. # class ceph::mds ( - $public_addr = undef, - $pkg_mds = $ceph::params::pkg_mds, - $pkg_mds_ensure = present, - Boolean $mds_activate = true, - $mds_data = undef, - $mds_enable = true, - $mds_ensure = 'running', - $mds_id = $facts['networking']['hostname'], - $keyring = undef, - $cluster = 'ceph', + $public_addr = undef, + $pkg_mds = $ceph::params::pkg_mds, + $pkg_mds_ensure = present, + Boolean $mds_activate = true, + Optional[Stdlib::Absolutepath] $mds_data = undef, + $mds_enable = true, + $mds_ensure = 'running', + $mds_id = $facts['networking']['hostname'], + $keyring = undef, + $cluster = 'ceph', ) inherits ceph::params { if $mds_data { $mds_data_real = $mds_data diff --git a/manifests/rgw.pp b/manifests/rgw.pp index 35830dbf..139aa992 100644 --- a/manifests/rgw.pp +++ b/manifests/rgw.pp @@ -88,25 +88,25 @@ # Optional. Default is false # define ceph::rgw ( - $pkg_radosgw = $ceph::params::pkg_radosgw, - $rgw_ensure = 'running', - $rgw_enable = true, - $rgw_enable_apis = undef, - $rgw_data = "/var/lib/ceph/radosgw/ceph-${name}", - $user = $ceph::params::user_radosgw, - $keyring_path = "/etc/ceph/ceph.client.${name}.keyring", - $log_file = '/var/log/ceph/radosgw.log', - $rgw_dns_name = $facts['networking']['fqdn'], - $rgw_socket_path = $ceph::params::rgw_socket_path, - $rgw_print_continue = false, - $rgw_port = undef, - $frontend_type = 'civetweb', - $rgw_frontends = undef, - $rgw_swift_url = "http://${facts['networking']['fqdn']}:7480", - $rgw_swift_url_prefix = 'swift', - $rgw_swift_account_in_url = false, - $rgw_swift_versioning_enabled = false, - $rgw_trust_forwarded_https = false, + $pkg_radosgw = $ceph::params::pkg_radosgw, + $rgw_ensure = 'running', + $rgw_enable = true, + $rgw_enable_apis = undef, + Stdlib::Absolutepath $rgw_data = "/var/lib/ceph/radosgw/ceph-${name}", + $user = $ceph::params::user_radosgw, + Stdlib::Absolutepath $keyring_path = "/etc/ceph/ceph.client.${name}.keyring", + Stdlib::Absolutepath $log_file = '/var/log/ceph/radosgw.log', + $rgw_dns_name = $facts['networking']['fqdn'], + $rgw_socket_path = $ceph::params::rgw_socket_path, + $rgw_print_continue = false, + $rgw_port = undef, + $frontend_type = 'civetweb', + $rgw_frontends = undef, + $rgw_swift_url = "http://${facts['networking']['fqdn']}:7480", + $rgw_swift_url_prefix = 'swift', + $rgw_swift_account_in_url = false, + $rgw_swift_versioning_enabled = false, + $rgw_trust_forwarded_https = false, ) { unless $name =~ /^radosgw\..+/ {