openstack/puppet-octavia
Code Issues Proposed changes

Merge "Set show_diff to false on certificates"

Browse Source
This commit is contained in:
Zuul 2018-11-27 19:40:17 +00:00 committed by Gerrit Code Review
commit f76449e686
3 changed files with 104 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
manifests/certificates.pp
View File

@ -123,6 +123,7 @@ class octavia::certificates (
owner => $file_permission_group,
mode => '0755',
replace => true,
show_diff => false,
tag => 'octavia-certificate',
}
}
@ -144,6 +145,7 @@ class octavia::certificates (
owner => $file_permission_group,
mode => '0755',
replace => true,
show_diff => false,
tag => 'octavia-certificate',
}
}
@ -162,6 +164,7 @@ class octavia::certificates (
owner => $file_permission_group,
mode => '0755',
replace => true,
show_diff => false,
tag => 'octavia-certificate',
}
}
@ -183,6 +186,7 @@ class octavia::certificates (
owner => $file_permission_group,
mode => '0755',
replace => true,
show_diff => false,
tag => 'octavia-certificate',
}
}

8
releasenotes/notes/certificate-no-diff-4e4d156963752b6d.yaml Normal file
View File

@ -0,0 +1,8 @@
---
security:
- |
Certificate changes no longer shows diffs in output.
fixes:
- |
Fixed a bug where certificate changes would show the diffs.
Certificate are now considered secrets and not displayed.

54
spec/classes/octavia_certificates_spec.rb
View File

@ -78,35 +78,32 @@ describe 'octavia::certificates' do
it 'populates certificate files' do
is_expected.to contain_file('/etc/octavia/ca.pem').with({
'ensure' => 'file',
'owner' => 'octavia',
'group' => 'octavia',
'mode' => '0755',
'tag' => 'octavia-certificate',
})
is_expected.to contain_file('/etc/octavia/ca.pem').with({
'content' => 'on_my_authority_this_is_a_certificate',
'owner' => 'octavia',
'group' => 'octavia',
'mode' => '0755',
'replace' => true,
'show_diff' => false,
'tag' => 'octavia-certificate',
})
is_expected.to contain_file('/etc/octavia/key.pem').with({
'ensure' => 'file',
'owner' => 'octavia',
'group' => 'octavia',
'mode' => '0755',
'tag' => 'octavia-certificate',
})
is_expected.to contain_file('/etc/octavia/key.pem').with({
'content' => 'this_is_my_private_key_woot_woot',
'owner' => 'octavia',
'group' => 'octavia',
'mode' => '0755',
'replace' => true,
'show_diff' => false,
'tag' => 'octavia-certificate',
})
is_expected.to contain_file('/etc/octavia/client.pem').with({
'ensure' => 'file',
'content' => 'certainly_for_the_client',
'owner' => 'octavia',
'group' => 'octavia',
'mode' => '0755',
'tag' => 'octavia-certificate',
})
is_expected.to contain_file('/etc/octavia/client.pem').with({
'content' => 'certainly_for_the_client',
'replace' => true,
'show_diff' => false,
'tag' => 'octavia-certificate',
})
is_expected.to contain_file('/etc/octavia').with({
@ -146,25 +143,34 @@ describe 'octavia::certificates' do
it 'populates certificate files' do
is_expected.to contain_file('/etc/octavia/ca.pem').with({
'ensure' => 'file',
'content' => 'on_my_authority_this_is_a_certificate',
'owner' => 'octavia',
'group' => 'octavia',
'mode' => '0755',
'replace' => true,
'show_diff' => false,
'tag' => 'octavia-certificate',
})
is_expected.to contain_file('/etc/octavia/ca.pem').with_content('on_my_authority_this_is_a_certificate')
is_expected.to contain_file('/etc/octavia1/key.pem').with({
'ensure' => 'file',
'content' => 'this_is_my_private_key_woot_woot',
'owner' => 'octavia',
'group' => 'octavia',
'mode' => '0755',
'replace' => true,
'show_diff' => false,
'tag' => 'octavia-certificate',
})
is_expected.to contain_file('/etc/octavia1/key.pem').with_content('this_is_my_private_key_woot_woot')
is_expected.to contain_file('/etc/octavia2/client.pem').with({
'ensure' => 'file',
'content' => 'certainly_for_the_client',
'owner' => 'octavia',
'group' => 'octavia',
'mode' => '0755',
'replace' => true,
'show_diff' => false,
'tag' => 'octavia-certificate',
})
is_expected.to contain_file('/etc/octavia2/client.pem').with_content('certainly_for_the_client')
is_expected.to contain_file('/etc/octavia').with({
'ensure' => 'directory',
'owner' => 'octavia',
@ -256,18 +262,24 @@ describe 'octavia::certificates' do
it 'populates certificate files' do
is_expected.to contain_file('/etc/octavia/ca.pem').with({
'ensure' => 'file',
'content' => 'my_ca_certificate',
'owner' => 'octavia',
'group' => 'octavia',
'mode' => '0755',
'replace' => true,
'show_diff' => false,
'tag' => 'octavia-certificate',
})
is_expected.to contain_file('/etc/octavia/ca.pem').with_content('my_ca_certificate')
is_expected.to contain_file('/etc/octavia/client_ca.pem').with({
'ensure' => 'file',
'content' => 'my_client_ca',
'owner' => 'octavia',
'group' => 'octavia',
'mode' => '0755',
'replace' => true,
'show_diff' => false,
'tag' => 'octavia-certificate',
})
is_expected.to contain_file('/etc/octavia/client_ca.pem').with_content('my_client_ca')
is_expected.to contain_file('/etc/octavia').with({
'ensure' => 'directory',
'owner' => 'octavia',