Added keep_secret parameter feature #152
Conversation
|
This needs to be rebased, is this any different to https://docs.puppetlabs.com/references/latest/type.html#file-attribute-show_diff ? Thanks for putting in the effort and time. |
stepanstipl
force-pushed
the
feature-keep_secret2
branch
2 times, most recently
from
e89b516
to
e030676
Compare
|
Hi, yep I have rebased it, it's been a while. I would say it's very similar to show_diff (didn't know about that one). Just the logic here is reverse and in addition allows you to set 'md5' and will output md5 hashes instead of actual values. Would you prefer to rename this to "show_diff" and align the behaviour with the show_diff from file type? I think it would make sense. |
|
Apologies for getting back to this so late. renaming this to "show_diff" makes total sense |
|
@stepanstipl thanks for your patience |
|
@stepanstipl Thanks for the contribution, have you had a chance to take a look at the comments made by @tphoney and @asasfu ? |
stepanstipl
force-pushed
the
feature-keep_secret2
branch
3 times, most recently
from
f25f226
to
31e309d
Compare
|
@bmjen, thanks for a poke, it was kind of waiting on my laptop to be pushed. So, I've made following changes:
One note here - as I've tried to follow behaviour of show_diff on file type, it'll change default output. By default global |
| def munge_boolean_md5(value) | ||
| case value | ||
| when true, :true, 'true', :yes, 'yes' | ||
| true |
There was a problem hiding this comment.
Change looks pretty good, take a look here though https://github.com/puppetlabs/puppet/blob/master/lib/puppet/type/macauthorization.rb#L20-L29 you'll notice it should return :true or :false not true or false as the insync? seems to have an issue if it's not a symbol(I don't know why, just tested it and found it to be the correct method)
|
@asasfu thanks for comments, updated |
|
@stepanstipl It would be great if you could fix the test failures before this can be merged. Thanks! |
type file show_diff => true (default) prints diff to logs show_diff => md5 prints only md5 hashes instead of actual values show_diff => false redacts any information about values Global show_diff config takes priotiry over this one.
stepanstipl
force-pushed
the
feature-keep_secret2
branch
from
1060ec1
to
4b8336a
Compare
|
@jonnytpuppet I have rebased it onto the current master, the tests seems to be passing now |
|
Thanks for the work @stepanstipl :) |
Added keep_secret parameter feature
…9cf8a0a749df8639c183661100c4247e5f31' into target-original-master-1635b843779f68dd63b59ce8457621628776c9bc * commit '1635b843779f68dd63b59ce8457621628776c9bc': Convert boolean to :true & :false PR puppetlabs#152 Acceptance tests for show_diff Implemented show_diff parameter, with similar behaviour as show_diff on type file * commit 'e50e9cf8a0a749df8639c183661100c4247e5f31': dummy change
Added keep_secret parameter feature
This is followup on pull request #92 (sorry for long delay with addressing the issues).
Added feature keep_secret to redact how are information outputted to the logs.
Typical use case is to use this when managing sensitive values like passwords, which we do not want in the logs. Using this new parameter keep_secret will prevent this.
Accepted values:
false- default, normal behaviortrue- value will be replaced with "[redacted sensitive information]"md5- value will be replaced with it's md5 hash