openstack/puppet-openstacklib
Code Issues Proposed changes

Add strict validation about boolean parameters

Browse Source 
This ensures the parameters used by if-else logic accept only boolean
values because non-boolean can result in unexpected behavior.

Change-Id: Ie9214b3324166a795b2d3aaf098852c8706bc8a0
This commit is contained in:
Takashi Kajinami
2023-03-03 13:36:04 +09:00
parent 62439012bd
commit a1dfd6861f
7 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
manifests/db/mysql.pp
View File

@@ -80,6 +80,9 @@ define openstacklib::db::mysql (
include mysql::server include mysql::server
include mysql::client include mysql::client
validate_legacy(Boolean, 'validate_bool', $create_user)
validate_legacy(Boolean, 'validate_bool', $create_grant)
if $password_hash != undef { if $password_hash != undef {
warning('The password_hash parameter was deprecated and will be removed warning('The password_hash parameter was deprecated and will be removed
in a future release. Use password instead') in a future release. Use password instead')

2
manifests/db/mysql/host_access.pp
View File

@@ -48,6 +48,8 @@ define openstacklib::db::mysql::host_access (
validate_legacy(Pattern[/_/], 'validate_re', $title, validate_legacy(Pattern[/_/], 'validate_re', $title,
['_', 'Title must be $dbname_$host']) ['_', 'Title must be $dbname_$host'])
validate_legacy(Boolean, 'validate_bool', $create_user)
validate_legacy(Boolean, 'validate_bool', $create_grant)
$host = inline_template('<%= @title.split("_").last.downcase %>') $host = inline_template('<%= @title.split("_").last.downcase %>')

2
manifests/iscsid.pp
View File

@@ -23,6 +23,8 @@ class openstacklib::iscsid(
) { ) {
include openstacklib::params include openstacklib::params
validate_legacy(Boolean, 'validate_bool', $enabled)
validate_legacy(Boolean, 'validate_bool', $manage_service)
package { 'open-iscsi': package { 'open-iscsi':
ensure => $package_ensure, ensure => $package_ensure,

4
manifests/messaging/rabbitmq.pp
View File

@@ -73,6 +73,10 @@ define openstacklib::messaging::rabbitmq(
$manage_user_permissions = true, $manage_user_permissions = true,
$manage_vhost = true, $manage_vhost = true,
) { ) {
validate_legacy(Boolean, 'validate_bool', $is_admin)
validate_legacy(Boolean, 'validate_bool', $manage_user)
validate_legacy(Boolean, 'validate_bool', $manage_user_permissions)
validate_legacy(Boolean, 'validate_bool', $manage_vhost)
if $manage_user { if $manage_user {
if $userid == 'guest' { if $userid == 'guest' {

1
manifests/policy.pp
View File

@@ -44,6 +44,7 @@ define openstacklib::policy (
) { ) {
validate_legacy(Hash, 'validate_hash', $policies) validate_legacy(Hash, 'validate_hash', $policies)
validate_legacy(Stdlib::Absolutepath, 'validate_absolute_path', $policy_path) validate_legacy(Stdlib::Absolutepath, 'validate_absolute_path', $policy_path)
validate_legacy(Boolean, 'validate_bool', $purge_config)
if empty($policies) { if empty($policies) {
create_resources('openstacklib::policy::default', { $policy_path => { create_resources('openstacklib::policy::default', { $policy_path => {

2
manifests/policy/base.pp
View File

@@ -47,6 +47,8 @@ define openstacklib::policy::base (
$purge_config = false, $purge_config = false,
) { ) {
validate_legacy(Boolean, 'validate_bool', $purge_config)
ensure_resource('openstacklib::policy::default', $file_path, { ensure_resource('openstacklib::policy::default', $file_path, {
file_path => $file_path, file_path => $file_path,
file_mode => $file_mode, file_mode => $file_mode,

1
manifests/policy/default.pp
View File

@@ -38,6 +38,7 @@ define openstacklib::policy::default (
$file_format = 'json', $file_format = 'json',
$purge_config = false, $purge_config = false,
) { ) {
validate_legacy(Boolean, 'validate_bool', $purge_config)
case $file_format { case $file_format {
'json': { 'json': {