Nuage: [RESTPROXY] serverauth should be secret

This parameter includes the password string, thus should be hidden.

Change-Id: If3f9c7b01aedeacea1e773438b812bc53918c5d8
This commit is contained in:
Takashi Kajinami 2022-04-10 19:28:49 +09:00
parent 03d2bc2d2b
commit e5f3f77a7d
3 changed files with 26 additions and 1 deletions

View File

@ -14,6 +14,28 @@ Puppet::Type.newtype(:neutron_plugin_nuage) do
value.capitalize! if value =~ /^(true|false)$/i
value
end
def is_to_s( currentvalue )
if resource.secret?
return '[old secret redacted]'
else
return currentvalue
end
end
def should_to_s( newvalue )
if resource.secret?
return '[new secret redacted]'
else
return newvalue
end
end
end
newparam(:secret, :boolean => true) do
desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
newvalues(:true, :false)
defaultto false
end
newparam(:ensure_absent_val) do

View File

@ -98,7 +98,7 @@ class neutron::plugins::ml2::nuage (
neutron_plugin_nuage {
'RESTPROXY/default_net_partition_name': value => $nuage_net_partition_name;
'RESTPROXY/server': value => $nuage_vsd_ip;
'RESTPROXY/serverauth': value => "${nuage_vsd_username}:${nuage_vsd_password}";
'RESTPROXY/serverauth': value => "${nuage_vsd_username}:${nuage_vsd_password}", secret => true;
'RESTPROXY/organization': value => $nuage_vsd_organization;
'RESTPROXY/auth_resource': value => $nuage_auth_resource;
'RESTPROXY/serverssl': value => $nuage_server_ssl;

View File

@ -51,6 +51,9 @@ describe 'neutron::plugins::ml2::nuage' do
it 'should configure plugin.ini' do
should contain_neutron_plugin_nuage('RESTPROXY/default_net_partition_name').with_value(params[:nuage_net_partition_name])
should contain_neutron_plugin_nuage('RESTPROXY/server').with_value(params[:nuage_vsd_ip])
should contain_neutron_plugin_nuage('RESTPROXY/serverauth')\
.with_value("#{params[:nuage_vsd_username]}:#{params[:nuage_vsd_password]}")\
.with_secret(true)
should contain_neutron_plugin_nuage('RESTPROXY/organization').with_value(params[:nuage_vsd_organization])
should contain_neutron_plugin_nuage('RESTPROXY/cms_id').with_value(params[:nuage_cms_id])
should contain_neutron_plugin_nuage('PLUGIN/default_allow_non_ip').with_value(params[:nuage_default_allow_non_ip])