Strip by default in tools/encrypt_secret
Trailing whitespace (newlines) in secrets is almost never what people want, but it's easy to leave them in and then wind up with hard to debug issues. Switch the defaut - make a new option "--no-strip" that will disable the behavior. Change-Id: I46947e38807b55e5cc3bacc060f5d41a63b564b8
This commit is contained in:
parent
70c70f8880
commit
17a437dcee
|
@ -0,0 +1,8 @@
|
||||||
|
---
|
||||||
|
upgrade:
|
||||||
|
- |
|
||||||
|
The default behavior of the ``tools/encrypt_secret.py``
|
||||||
|
helper script is now to strip incoming input of leading
|
||||||
|
and trailing whitespace. A new ``--no-strip`` option
|
||||||
|
has been added to support people with secrets that contain
|
||||||
|
valid leading or trailing whitespace.
|
|
@ -56,8 +56,11 @@ def main():
|
||||||
default=None,
|
default=None,
|
||||||
help="The name of the Zuul tenant. This may be "
|
help="The name of the Zuul tenant. This may be "
|
||||||
"required in a multi-tenant environment.")
|
"required in a multi-tenant environment.")
|
||||||
parser.add_argument('--strip', action='store_true', default=False,
|
parser.add_argument('--strip', default=None,
|
||||||
help="Strip whitespace from beginning/end of input.")
|
help='Unused, kept for backward compatibility.')
|
||||||
|
parser.add_argument('--no-strip', action='store_true', default=False,
|
||||||
|
help="Do not strip whitespace from beginning or "
|
||||||
|
"end of input.")
|
||||||
parser.add_argument('--infile',
|
parser.add_argument('--infile',
|
||||||
default=None,
|
default=None,
|
||||||
help="A filename whose contents will be encrypted. "
|
help="A filename whose contents will be encrypted. "
|
||||||
|
@ -119,7 +122,7 @@ def main():
|
||||||
plaintext = sys.stdin.read()
|
plaintext = sys.stdin.read()
|
||||||
|
|
||||||
plaintext = plaintext.encode("utf-8")
|
plaintext = plaintext.encode("utf-8")
|
||||||
if args.strip:
|
if not args.no_strip:
|
||||||
plaintext = plaintext.strip()
|
plaintext = plaintext.strip()
|
||||||
|
|
||||||
pubkey_file = tempfile.NamedTemporaryFile(delete=False)
|
pubkey_file = tempfile.NamedTemporaryFile(delete=False)
|
||||||
|
|
Loading…
Reference in New Issue