Set show_diff to false on certificates
Certificate should be considered secrets
and we should not output the diffs.
Also fixes up the testing to test all the
parameters set on the file resources.
Closes-Bug: 1804884
Change-Id: I0db84f4b9d97bf22d06478ded126a1f209c9b69a
(cherry picked from commit 45ecee290b
)
This commit is contained in:
parent
ea17af17d9
commit
79e9f63091
|
@ -123,6 +123,7 @@ class octavia::certificates (
|
|||
owner => $file_permission_group,
|
||||
mode => '0755',
|
||||
replace => true,
|
||||
show_diff => false,
|
||||
tag => 'octavia-certificate',
|
||||
}
|
||||
}
|
||||
|
@ -144,6 +145,7 @@ class octavia::certificates (
|
|||
owner => $file_permission_group,
|
||||
mode => '0755',
|
||||
replace => true,
|
||||
show_diff => false,
|
||||
tag => 'octavia-certificate',
|
||||
}
|
||||
}
|
||||
|
@ -162,6 +164,7 @@ class octavia::certificates (
|
|||
owner => $file_permission_group,
|
||||
mode => '0755',
|
||||
replace => true,
|
||||
show_diff => false,
|
||||
tag => 'octavia-certificate',
|
||||
}
|
||||
}
|
||||
|
@ -183,6 +186,7 @@ class octavia::certificates (
|
|||
owner => $file_permission_group,
|
||||
mode => '0755',
|
||||
replace => true,
|
||||
show_diff => false,
|
||||
tag => 'octavia-certificate',
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
security:
|
||||
- |
|
||||
Certificate changes no longer shows diffs in output.
|
||||
fixes:
|
||||
- |
|
||||
Fixed a bug where certificate changes would show the diffs.
|
||||
Certificate are now considered secrets and not displayed.
|
|
@ -78,35 +78,32 @@ describe 'octavia::certificates' do
|
|||
it 'populates certificate files' do
|
||||
is_expected.to contain_file('/etc/octavia/ca.pem').with({
|
||||
'ensure' => 'file',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'tag' => 'octavia-certificate',
|
||||
})
|
||||
is_expected.to contain_file('/etc/octavia/ca.pem').with({
|
||||
'content' => 'on_my_authority_this_is_a_certificate',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'replace' => true,
|
||||
'show_diff' => false,
|
||||
'tag' => 'octavia-certificate',
|
||||
})
|
||||
is_expected.to contain_file('/etc/octavia/key.pem').with({
|
||||
'ensure' => 'file',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'tag' => 'octavia-certificate',
|
||||
})
|
||||
is_expected.to contain_file('/etc/octavia/key.pem').with({
|
||||
'content' => 'this_is_my_private_key_woot_woot',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'replace' => true,
|
||||
'show_diff' => false,
|
||||
'tag' => 'octavia-certificate',
|
||||
})
|
||||
is_expected.to contain_file('/etc/octavia/client.pem').with({
|
||||
'ensure' => 'file',
|
||||
'content' => 'certainly_for_the_client',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'tag' => 'octavia-certificate',
|
||||
})
|
||||
is_expected.to contain_file('/etc/octavia/client.pem').with({
|
||||
'content' => 'certainly_for_the_client',
|
||||
'replace' => true,
|
||||
'show_diff' => false,
|
||||
'tag' => 'octavia-certificate',
|
||||
})
|
||||
is_expected.to contain_file('/etc/octavia').with({
|
||||
|
@ -146,25 +143,34 @@ describe 'octavia::certificates' do
|
|||
it 'populates certificate files' do
|
||||
is_expected.to contain_file('/etc/octavia/ca.pem').with({
|
||||
'ensure' => 'file',
|
||||
'content' => 'on_my_authority_this_is_a_certificate',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'replace' => true,
|
||||
'show_diff' => false,
|
||||
'tag' => 'octavia-certificate',
|
||||
})
|
||||
is_expected.to contain_file('/etc/octavia/ca.pem').with_content('on_my_authority_this_is_a_certificate')
|
||||
is_expected.to contain_file('/etc/octavia1/key.pem').with({
|
||||
'ensure' => 'file',
|
||||
'content' => 'this_is_my_private_key_woot_woot',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'replace' => true,
|
||||
'show_diff' => false,
|
||||
'tag' => 'octavia-certificate',
|
||||
})
|
||||
is_expected.to contain_file('/etc/octavia1/key.pem').with_content('this_is_my_private_key_woot_woot')
|
||||
is_expected.to contain_file('/etc/octavia2/client.pem').with({
|
||||
'ensure' => 'file',
|
||||
'content' => 'certainly_for_the_client',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'replace' => true,
|
||||
'show_diff' => false,
|
||||
'tag' => 'octavia-certificate',
|
||||
})
|
||||
is_expected.to contain_file('/etc/octavia2/client.pem').with_content('certainly_for_the_client')
|
||||
is_expected.to contain_file('/etc/octavia').with({
|
||||
'ensure' => 'directory',
|
||||
'owner' => 'octavia',
|
||||
|
@ -256,18 +262,24 @@ describe 'octavia::certificates' do
|
|||
it 'populates certificate files' do
|
||||
is_expected.to contain_file('/etc/octavia/ca.pem').with({
|
||||
'ensure' => 'file',
|
||||
'content' => 'my_ca_certificate',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'replace' => true,
|
||||
'show_diff' => false,
|
||||
'tag' => 'octavia-certificate',
|
||||
})
|
||||
is_expected.to contain_file('/etc/octavia/ca.pem').with_content('my_ca_certificate')
|
||||
is_expected.to contain_file('/etc/octavia/client_ca.pem').with({
|
||||
'ensure' => 'file',
|
||||
'content' => 'my_client_ca',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'replace' => true,
|
||||
'show_diff' => false,
|
||||
'tag' => 'octavia-certificate',
|
||||
})
|
||||
is_expected.to contain_file('/etc/octavia/client_ca.pem').with_content('my_client_ca')
|
||||
is_expected.to contain_file('/etc/octavia').with({
|
||||
'ensure' => 'directory',
|
||||
'owner' => 'octavia',
|
||||
|
|
Loading…
Reference in New Issue