You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A clear and concise description of what the bug is.
If the password is set according to the documentation in the class, so without the sensitive option set, i.e.
It results in a warning on agent runs, as follows: Warning: /Postgresql_psql[ALTER ROLE marmot ENCRYPTED PASSWORD ****]: Unable to mark 'unless' as sensitive: unless is a parameter and not a property, and cannot be automatically redacted.
If the code is implemented according to the documented solution, I would expect it to run without errors or warnings. If it requires a Sensitive type, then at a minimum this should be documented and perhaps enforced defensively
Steps to Reproduce
Steps to reproduce the behavior:
Implement the postgresql module according to the module documentation class { 'postgresql::server': }
Add a role management resource postgresql::server::role { 'marmot': password_hash => postgresql::postgresql_password('marmot', 'mypasswd'), }
Run the puppet agent, implementing the new code and observe the warnings
Environment
Version Puppet 7.22.0 (PE and Open Source both)
Platform Centos 7, Rocky Linux 8
Additional Context
I suspect this may be related as well to issue 1402 as the warning will continuously display if update_password is set to true, as it continuously attempts to set the password if being fed a sensitive value.
The text was updated successfully, but these errors were encountered:
I think this was fixed in 87a56f6 which is part of version 9.0.3. You don't share which version of the module you're using so that makes it hard to tell, but I think the recommendation is to update.
I think this was fixed in 87a56f6 which is part of version 9.0.3. You don't share which version of the module you're using so that makes it hard to tell, but I think the recommendation is to update.
Looks like you're right - we tested with 9.0.2, 9.0.1 and a variety of earlier versions for good measure, hadn't seen the release of 9.0.3.
Tested now and confirmed to be resolved for us, so closing the bug.
Describe the Bug
A clear and concise description of what the bug is.
If the password is set according to the documentation in the class, so without the sensitive option set, i.e.
postgresql::server::role { 'marmot':
password_hash => postgresql::postgresql_password('marmot', 'mypasswd'),
}
It results in a warning on agent runs, as follows:
Warning: /Postgresql_psql[ALTER ROLE marmot ENCRYPTED PASSWORD ****]: Unable to mark 'unless' as sensitive: unless is a parameter and not a property, and cannot be automatically redacted.
This seems to be the offending code.
Expected Behavior
If the code is implemented according to the documented solution, I would expect it to run without errors or warnings. If it requires a Sensitive type, then at a minimum this should be documented and perhaps enforced defensively
Steps to Reproduce
Steps to reproduce the behavior:
class { 'postgresql::server': }
postgresql::server::role { 'marmot': password_hash => postgresql::postgresql_password('marmot', 'mypasswd'), }
Environment
Additional Context
I suspect this may be related as well to issue 1402 as the warning will continuously display if update_password is set to true, as it continuously attempts to set the password if being fed a sensitive value.
The text was updated successfully, but these errors were encountered: