Permalink
Browse files

Use quotes around passwords and tokens in templates [#45735657]

  • Loading branch information...
1 parent 675723e commit 8da418b42cf3ded7ea13b43f685e21dd2227211e Bleicke and Maria Shaldibina committed Mar 7, 2013
Showing with 99 additions and 99 deletions.
  1. +3 −3 jobs/atmos_gateway/templates/atmos_gateway.yml.erb
  2. +4 −4 jobs/backup_manager/templates/backup_manager.yml.erb
  3. +1 −1 jobs/backup_manager/templates/job_manager.yml.erb
  4. +4 −4 jobs/backup_manager/templates/snapshot_manager.yml.erb
  5. +1 −1 jobs/ccdb_postgres/templates/postgres_ctl.erb
  6. +9 −9 jobs/cloud_controller/templates/cloud_controller.yml.erb
  7. +1 −1 jobs/cloud_controller_ng/templates/cloud_controller_ng.yml.erb
  8. +3 −3 jobs/filesystem_gateway/templates/filesystem_gateway.yml.erb
  9. +2 −2 jobs/marketplace_gateway/templates/marketplace_gateway.yml.erb
  10. +3 −3 jobs/memcached_gateway/templates/memcached_gateway.yml.erb
  11. +8 −8 jobs/micro/override/cloud_controller/cloud_controller.yml.erb
  12. +4 −4 jobs/mongodb_gateway/templates/mongodb_gateway.yml.erb
  13. +1 −1 jobs/mongodb_node/templates/mongodb_worker.yml.erb
  14. +1 −1 jobs/mongodb_node_ng/templates/mongodb_worker.yml.erb
  15. +2 −2 jobs/mysql_gateway/templates/mysql_gateway.yml.erb
  16. +1 −1 jobs/mysql_node/templates/my.bootstrap.erb
  17. +1 −1 jobs/mysql_node/templates/my.shutdown.erb
  18. +1 −1 jobs/mysql_node/templates/mysql_backup.yml.erb
  19. +1 −1 jobs/mysql_node/templates/mysql_node.yml.erb
  20. +2 −2 jobs/mysql_node/templates/mysql_worker.yml.erb
  21. +1 −1 jobs/mysql_node_ng/templates/my.bootstrap.erb
  22. +1 −1 jobs/mysql_node_ng/templates/my.shutdown.erb
  23. +1 −1 jobs/mysql_node_ng/templates/my55.bootstrap.erb
  24. +1 −1 jobs/mysql_node_ng/templates/my55.shutdown.erb
  25. +1 −1 jobs/mysql_node_ng/templates/mysql_backup.yml.erb
  26. +1 −1 jobs/mysql_node_ng/templates/mysql_node.yml.erb
  27. +2 −2 jobs/mysql_node_ng/templates/mysql_worker.yml.erb
  28. +1 −1 jobs/nats/templates/nats.yml.erb
  29. +3 −3 jobs/oauth2_gateway/templates/oauth2_gateway.yml.erb
  30. +2 −2 jobs/postgresql_gateway/templates/postgresql_gateway.yml.erb
  31. +1 −1 jobs/postgresql_node/templates/postgresql_worker.yml.erb
  32. +1 −1 jobs/postgresql_node_ng/templates/postgresql_backup.yml.erb
  33. +1 −1 jobs/postgresql_node_ng/templates/postgresql_node.yml.erb
  34. +2 −2 jobs/postgresql_node_ng/templates/postgresql_worker.yml.erb
  35. +4 −4 jobs/rabbit_gateway/templates/rabbit_gateway.yml.erb
  36. +1 −1 jobs/rabbit_node_ng/templates/rabbit_worker.yml.erb
  37. +4 −4 jobs/redis_gateway/templates/redis_gateway.yml.erb
  38. +1 −1 jobs/redis_node/templates/redis_worker.yml.erb
  39. +1 −1 jobs/redis_node_ng/templates/redis_worker.yml.erb
  40. +1 −1 jobs/router/templates/router.yml.erb
  41. +1 −1 jobs/router_next/templates/router.yml.erb
  42. +1 −1 jobs/serialization_data_server/templates/serialization_data_server.yml.erb
  43. +2 −2 jobs/service_broker/templates/service_broker.yml.erb
  44. +3 −3 jobs/uaa/templates/batch.yml.erb
  45. +4 −4 jobs/uaa/templates/uaa.yml.erb
  46. +3 −3 jobs/vblob_gateway/templates/vblob_gateway.yml.erb
  47. +1 −1 jobs/vcap_redis/templates/vcap_redis.conf.erb
@@ -68,12 +68,12 @@ uaa_client_id: <%= properties.uaa_client_id || "vmc" %>
uaa_endpoint: <%= properties.uaa_endpoint %>
uaa_client_auth_credentials:
username: <%= properties.uaa_client_auth_credentials.username %>
- password: <%= properties.uaa_client_auth_credentials.password %>
+ password: "<%= properties.uaa_client_auth_credentials.password %>"
service_auth_tokens:
- atmos_core: <%= gateway.token %>
+ atmos_core: "<%= gateway.token %>"
<% end %>
-token: <%= gateway.token %>
+token: "<%= gateway.token %>"
logging:
file: /var/vcap/sys/log/atmos_gateway/atmos_gateway.log
@@ -17,16 +17,16 @@ rotation:
services:
mongodb:
version: "1.8"
- token: <%= properties.mongodb_gateway.token %>
+ token: "<%= properties.mongodb_gateway.token %>"
redis:
version: "2.2"
- token: <%= properties.redis_gateway.token %>
+ token: "<%= properties.redis_gateway.token %>"
mysql:
version: "5.1"
- token: <%= properties.mysql_gateway.token %>
+ token: "<%= properties.mysql_gateway.token %>"
postgresql:
version: "9.0"
- token: <%= properties.postgresql_gateway.token %>
+ token: "<%= properties.postgresql_gateway.token %>"
root: <%= properties.service_backup && properties.service_backup.mount_point || "/var/vcap/services_backup" %>
wakeup_interval: <%= properties.service_backup_manager && properties.service_backup_manager.rotation_interval_secs || 43200 %>
enable: <%= properties.service_backup_manager && properties.service_backup && properties.service_backup.nfs_server && properties.service_backup_manager.enable || "false" %>
@@ -25,7 +25,7 @@ enable: <%= enable || "false" %>
services_redis:
host: <%= lifecycle.resque.host %>
port: <%= lifecycle.resque.port %>
- password: <%= lifecycle.resque.password %>
+ password: "<%= lifecycle.resque.password %>"
<%
end
%>
@@ -20,16 +20,16 @@ cleanup:
services:
mongodb:
version: "1.8"
- token: <%= properties.mongodb_gateway.token %>
+ token: "<%= properties.mongodb_gateway.token %>"
redis:
version: "2.2"
- token: <%= properties.redis_gateway.token %>
+ token: "<%= properties.redis_gateway.token %>"
mysql:
version: "5.1"
- token: <%= properties.mysql_gateway.token %>
+ token: "<%= properties.mysql_gateway.token %>"
postgresql:
version: "9.0"
- token: <%= properties.postgresql_gateway.token %>
+ token: "<%= properties.postgresql_gateway.token %>"
root: <%= properties.service_lifecycle && properties.service_lifecycle.mount_point || "/var/vcap/services_snapshot" %>
wakeup_interval: <%= properties.service_snapshot_manager && properties.service_snapshot_manager.cleanup_interval_secs || 43200 %>
enable: <%= properties.service_snapshot_manager && properties.service_lifecycle && properties.service_lifecycle.nfs_server && properties.service_snapshot_manager.enable || "false" %>
@@ -9,7 +9,7 @@ PIDFILE=$RUN_DIR/postgres.pid
HOST=<%= spec.networks.send(properties.networks.management).ip %>
PORT=<%= properties.ccdb.port %>
USER=<%= properties.ccdb.user %>
-PASSWORD=<%= properties.ccdb.password %>
+PASSWORD="<%= properties.ccdb.password %>"
DBNAME=<%= properties.ccdb.dbname %>
case "$1" in
@@ -25,7 +25,7 @@ max_droplet_size: <%= cc_props.max_droplet_size %>
bulk_api:
auth:
user: bulk_api
- password: <%= cc_props.password %>
+ password: "<%= cc_props.password %>"
nginx:
use_nginx: <%= cc_props.use_nginx %> #nginx proxy in front of CC?
@@ -66,8 +66,8 @@ event_logging:
file: /var/vcap/sys/log/cloud_controller/events.log
keys:
- password: <%= cc_props.password %>
- token: <%= cc_props.token %>
+ password: "<%= cc_props.password %>"
+ token: "<%= cc_props.token %>"
pid: /var/vcap/sys/run/cloud_controller/cloud_controller.pid
@@ -90,7 +90,7 @@ database_environment:
port: <%= ccdb.port %>
encoding: utf8
username: <%= db_role.name %>
- password: <%= db_role.password %>
+ password: "<%= db_role.password %>"
pool: <%= ccdb.pool_size %>
timeout: 2000
template: template0 # Required for utf8 encoding
@@ -108,8 +108,8 @@ uaa:
enabled: <%= cc_props.uaa.enabled %>
url: <%= scheme %>://uaa.<%= properties.domain %>
resource_id: <%= cc_props.uaa.resource_id %>
- token_secret: <%= properties.uaa.cc.token_secret %>
- client_secret: <%= properties.uaa.cc.client_secret %>
+ token_secret: "<%= properties.uaa.cc.token_secret %>"
+ client_secret: "<%= properties.uaa.cc.client_secret %>"
token_creation_email_filter: <%= cc_props.uaa.token_creation_email_filter %>
<% else %>
uaa:
@@ -126,7 +126,7 @@ uaa:
redis:
host: <%= properties.vcap_redis.address %>
port: <%= properties.vcap_redis.port %>
- password: <%= properties.vcap_redis.password %>
+ password: "<%= properties.vcap_redis.password %>"
<% end %>
staging:
@@ -172,9 +172,9 @@ builtin_services:
<% service = 'rabbitmq' if service == 'rabbit'
service = 'blob' if service == 'vblob' %>
<%= "#{service}:"%>
- token: <%= properties.send(service_gateway.to_sym).token %>
+ token: "<%= properties.send(service_gateway.to_sym).token %>"
<% if properties.send(service_gateway.to_sym).token_b %>
- token_b: <%= properties.send(service_gateway.to_sym).token_b %>
+ token_b: "<%= properties.send(service_gateway.to_sym).token_b %>"
<% end %>
<% end %>
<% end %>
@@ -80,7 +80,7 @@ login:
uaa:
url: <%= scheme %>://uaa.<%= p("domain") %>
resource_id: <%= p("ccng.uaa_resource_id") %>
- symmetric_secret: <%= p("uaa.cc.token_secret") %>
+ symmetric_secret: "<%= p("uaa.cc.token_secret") %>"
verification_key: <%= p("uaa.jwt.verification_key") ? ("|\n " + p("uaa.jwt.verification_key").gsub("\n", "\n ")) : '~' %>
# App staging parameters
@@ -64,12 +64,12 @@ uaa_client_id: <%= properties.uaa_client_id || "vmc" %>
uaa_endpoint: <%= properties.uaa_endpoint %>
uaa_client_auth_credentials:
username: <%= properties.uaa_client_auth_credentials.username %>
- password: <%= properties.uaa_client_auth_credentials.password %>
+ password: "<%= properties.uaa_client_auth_credentials.password %>"
service_auth_tokens:
- filesystem_core: <%= gateway.token %>
+ filesystem_core: "<%= gateway.token %>"
<% end %>
-token: <%= properties.filesystem_gateway.token %>
+token: "<%= properties.filesystem_gateway.token %>"
logging:
file: /var/vcap/sys/log/filesystem_gateway/filesystem_gateway.log
@@ -38,7 +38,7 @@ uaa_client_id: <%= props.uaa_client_id || "vmc" %>
uaa_endpoint: <%= props.uaa_endpoint %>
uaa_client_auth_credentials:
username: <%= props.uaa_client_auth_credentials.username %>
- password: <%= props.uaa_client_auth_credentials.password %>
+ password: "<%= props.uaa_client_auth_credentials.password %>"
service_auth_tokens:
<%
@@ -51,7 +51,7 @@ service_auth_tokens:
token: unused
<% else %>
-token: <%= props.token %>
+token: "<%= props.token %>"
<% end %>
refresh_interval: <%= props.refresh_interval || 300 %>
@@ -84,12 +84,12 @@ uaa_client_id: <%= properties.uaa_client_id || "vmc" %>
uaa_endpoint: <%= properties.uaa_endpoint %>
uaa_client_auth_credentials:
username: <%= properties.uaa_client_auth_credentials.username %>
- password: <%= properties.uaa_client_auth_credentials.password %>
+ password: "<%= properties.uaa_client_auth_credentials.password %>"
service_auth_tokens:
- memcached_core: <%= gateway.token %>
+ memcached_core: "<%= gateway.token %>"
<% end %>
-token: <%= gateway.token %>
+token: "<%= gateway.token %>"
logging:
file: /var/vcap/sys/log/memcached_gateway/memcached_gateway.log
level: debug
@@ -25,7 +25,7 @@ max_droplet_size: <%= cc_props.max_droplet_size %>
bulk_api:
auth:
user: bulk_api
- password: <%= cc_props.password %>
+ password: "<%= cc_props.password %>"
nginx:
use_nginx: <%= cc_props.use_nginx %> #nginx proxy in front of CC?
@@ -66,8 +66,8 @@ event_logging:
file: /var/vcap/sys/log/cloud_controller/events.log
keys:
- password: <%= cc_props.password %>
- token: <%= cc_props.token %>
+ password: "<%= cc_props.password %>"
+ token: "<%= cc_props.token %>"
pid: /var/vcap/sys/run/cloud_controller/cloud_controller.pid
@@ -90,7 +90,7 @@ database_environment:
port: <%= ccdb.port %>
encoding: utf8
username: <%= db_role.name %>
- password: <%= db_role.password %>
+ password: "<%= db_role.password %>"
pool: <%= ccdb.pool_size %>
timeout: 2000
template: template0 # Required for utf8 encoding
@@ -101,7 +101,7 @@ uaa:
enabled: <%= cc_props.uaa.enabled %>
url: http://uaa.<%= properties.domain %>
resource_id: <%= cc_props.uaa.resource_id %>
- token_secret: <%= properties.uaa.cc.token_secret %>
+ token_secret: "<%= properties.uaa.cc.token_secret %>"
client_secret: <%= properties.uaa.cc.client_secret %>
token_creation_email_filter: <%= cc_props.uaa.token_creation_email_filter %>
<% else %>
@@ -119,7 +119,7 @@ uaa:
redis:
host: <%= properties.vcap_redis.address %>
port: <%= properties.vcap_redis.port %>
- password: <%= properties.vcap_redis.password %>
+ password: "<%= properties.vcap_redis.password %>"
<% end %>
staging:
@@ -165,9 +165,9 @@ builtin_services:
<% service = 'rabbitmq' if service == 'rabbit'
service = 'blob' if service == 'vblob' %>
<%= "#{service}:"%>
- token: <%= properties.send(service_gateway.to_sym).token %>
+ token: "<%= properties.send(service_gateway.to_sym).token %>"
<% if properties.send(service_gateway.to_sym).token_b %>
- token_b: <%= properties.send(service_gateway.to_sym).token_b %>
+ token_b: "<%= properties.send(service_gateway.to_sym).token_b %>"
<% end %>
<% end %>
<% end %>
@@ -88,12 +88,12 @@ uaa_client_id: <%= properties.uaa_client_id || "vmc" %>
uaa_endpoint: <%= properties.uaa_endpoint %>
uaa_client_auth_credentials:
username: <%= properties.uaa_client_auth_credentials.username %>
- password: <%= properties.uaa_client_auth_credentials.password %>
+ password: "<%= properties.uaa_client_auth_credentials.password %>"
service_auth_tokens:
- mongodb_core: <%= gateway.token %>
+ mongodb_core: "<%= gateway.token %>"
<% end %>
-token: <%= gateway.token %>
+token: "<%= gateway.token %>"
logging:
file: /var/vcap/sys/log/mongodb_gateway/mongodb_gateway.log
level: debug
@@ -112,7 +112,7 @@ max_nats_payload: <%= nats_props.max_payload || 1048576 %>
resque:
host: <%= lifecycle.resque.host %>
port: <%= lifecycle.resque.port %>
- password: <%= lifecycle.resque.password %>
+ password: "<%= lifecycle.resque.password %>"
expire: <%= lifecycle.resque.expire %>
download_url_template: "http://<%= lifecycle.download_url %>/serialized/%{service}/%{name}/snapshots/%{snapshot_id}?token=%{token}"
<% end %>
@@ -22,7 +22,7 @@ tmp_dir: <%= lifecycle.tmp_dir || "/tmp" %>
resque:
host: <%= lifecycle.resque.host %>
port: <%= lifecycle.resque.port %>
- password: <%= lifecycle.resque.password %>
+ password: "<%= lifecycle.resque.password %>"
expire: <%= lifecycle.resque.expire %>
logging:
level: debug
@@ -22,7 +22,7 @@ tmp_dir: <%= lifecycle.tmp_dir || "/tmp" %>
resque:
host: <%= lifecycle.resque.host %>
port: <%= lifecycle.resque.port %>
- password: <%= lifecycle.resque.password %>
+ password: "<%= lifecycle.resque.password %>"
expire: <%= lifecycle.resque.expire %>
logging:
level: debug
@@ -88,7 +88,7 @@ uaa_client_id: <%= properties.uaa_client_id || "vmc" %>
uaa_endpoint: <%= properties.uaa_endpoint %>
uaa_client_auth_credentials:
username: <%= properties.uaa_client_auth_credentials.username %>
- password: <%= properties.uaa_client_auth_credentials.password %>
+ password: "<%= properties.uaa_client_auth_credentials.password %>"
service_auth_tokens:
mysql_core: "<%= gateway.token %>"
<% end %>
@@ -113,7 +113,7 @@ max_nats_payload: <%= nats_props.max_payload || 1048576 %>
resque:
host: <%= lifecycle.resque.host %>
port: <%= lifecycle.resque.port %>
- password: <%= lifecycle.resque.password %>
+ password: "<%= lifecycle.resque.password %>"
expire: <%= lifecycle.resque.expire %>
download_url_template: "http://<%= lifecycle.download_url %>/serialized/%{service}/%{name}/snapshots/%{snapshot_id}?token=%{token}"
<% end %>
@@ -1,6 +1,6 @@
export LD_LIBRARY_PATH=/var/vcap/packages/mysql/lib/mysql
export PATH=/var/vcap/packages/mysql/bin
-password=<%= properties.mysql_node.password %>
+password="<%= properties.mysql_node.password %>"
/var/vcap/packages/mysql/bin/mysqladmin -u root password "${password}" -S /var/vcap/sys/run/mysqld/mysqld.sock
@@ -1,5 +1,5 @@
export LD_LIBRARY_PATH=/var/vcap/packages/mysql/lib/mysql
-password=<%= properties.mysql_node.password %>
+password="<%= properties.mysql_node.password %>"
/var/vcap/packages/mysql/bin/mysqladmin --user=root --password="${password}" --socket=/var/vcap/sys/run/mysqld/mysqld.sock shutdown
@@ -20,7 +20,7 @@ mysql:
host: localhost
port: 3306
user: root
- pass: <%= properties.mysql_node.password %>
+ pass: "<%= properties.mysql_node.password %>"
socket: /var/vcap/sys/run/mysqld/mysqld.sock
timeout: <%= backup_enabled && plan_conf.backup.timeout || 600 %>
node_id: <%= "#{service}_node#{'_' + plan if plan != 'free'}_#{spec.index.to_i + 1}" %>
@@ -38,7 +38,7 @@ mysql:
port: 3306
socket: /var/vcap/sys/run/mysqld/mysqld.sock
user: root
- pass: <%= node.password %>
+ pass: "<%= node.password %>"
connection_pool_size: <%= node.connection_pool_size || 5 %>
migration_nfs: <%= properties.service_migration && properties.service_migration.mount_point ? properties.service_migration.mount_point : "/var/vcap/services_migration" %>
mysqldump_bin: /var/vcap/packages/mysql/bin/mysqldump
@@ -16,7 +16,7 @@ tmp_dir: <%= lifecycle.tmp_dir || "/tmp" %>
resque:
host: <%= lifecycle.resque.host %>
port: <%= lifecycle.resque.port %>
- password: <%= lifecycle.resque.password %>
+ password: "<%= lifecycle.resque.password %>"
expire: <%= lifecycle.resque.expire %>
logging:
level: debug
@@ -36,7 +36,7 @@ mysql:
port: 3306
socket: /var/vcap/sys/run/mysqld/mysqld.sock
user: root
- pass: <%= properties.mysql_node.password %>
+ pass: "<%= properties.mysql_node.password %>"
mysqldump_bin: /var/vcap/packages/mysql/bin/mysqldump
mysql_bin: /var/vcap/packages/mysql/bin/mysql
gzip_bin: /bin/gzip
@@ -1,6 +1,6 @@
export LD_LIBRARY_PATH=/var/vcap/packages/mysql/lib/mysql
export PATH=/var/vcap/packages/mysql/bin
-password=<%= properties.mysql_node.password %>
+password="<%= properties.mysql_node.password %>"
/var/vcap/packages/mysql/bin/mysqladmin -u root password "${password}" -S /var/vcap/sys/run/mysqld/mysqld.sock
@@ -9,6 +9,6 @@ use_warden = warden && warden.enable
%>
export LD_LIBRARY_PATH=/var/vcap/packages/mysql/lib/mysql
-password=<%= use_warden ? "$1" : properties.mysql_node.password %>
+password="<%= use_warden ? "$1" : properties.mysql_node.password %>"
/var/vcap/packages/mysql/bin/mysqladmin --user=root --password="${password}" --socket=<%= "#{base_folder}/mysqld.sock" %> shutdown
@@ -1,6 +1,6 @@
export LD_LIBRARY_PATH=/var/vcap/packages/mysql55/lib/mysql
export PATH=/var/vcap/packages/mysql55/bin
-password=<%= properties.mysql_node.password %>
+password="<%= properties.mysql_node.password %>"
/var/vcap/packages/mysql55/bin/mysqladmin -u root password "${password}" -S /var/vcap/sys/run/mysqld/mysqld55.sock
@@ -9,6 +9,6 @@ use_warden = warden && warden.enable
%>
export LD_LIBRARY_PATH=/var/vcap/packages/mysql55/lib/mysql
-password=<%= use_warden ? "$1" : properties.mysql_node.password %>
+password="<%= use_warden ? "$1" : properties.mysql_node.password %>"
/var/vcap/packages/mysql55/bin/mysqladmin --user=root --password="${password}" --socket=<%= "#{base_folder}/mysqld55.sock" %> shutdown
Oops, something went wrong.

0 comments on commit 8da418b

Please sign in to comment.