Unable to mark 'unless' as sensitive when implementing the documented reference approach with postgresql::server::role #1436
Comments
|
I think this was fixed in 87a56f6 which is part of version 9.0.3. You don't share which version of the module you're using so that makes it hard to tell, but I think the recommendation is to update. |
Looks like you're right - we tested with 9.0.2, 9.0.1 and a variety of earlier versions for good measure, hadn't seen the release of 9.0.3. Cheers! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the Bug
A clear and concise description of what the bug is.
If the password is set according to the documentation in the class, so without the sensitive option set, i.e.
postgresql::server::role { 'marmot':
password_hash => postgresql::postgresql_password('marmot', 'mypasswd'),
}
It results in a warning on agent runs, as follows:
Warning: /Postgresql_psql[ALTER ROLE marmot ENCRYPTED PASSWORD ****]: Unable to mark 'unless' as sensitive: unless is a parameter and not a property, and cannot be automatically redacted.This seems to be the offending code.
Expected Behavior
If the code is implemented according to the documented solution, I would expect it to run without errors or warnings. If it requires a Sensitive type, then at a minimum this should be documented and perhaps enforced defensively
Steps to Reproduce
Steps to reproduce the behavior:
class { 'postgresql::server': }postgresql::server::role { 'marmot': password_hash => postgresql::postgresql_password('marmot', 'mypasswd'), }Environment
Additional Context
I suspect this may be related as well to issue 1402 as the warning will continuously display if update_password is set to true, as it continuously attempts to set the password if being fed a sensitive value.
The text was updated successfully, but these errors were encountered: