Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mask/redact password and secure_json_data in grafana_datasource; require at least puppet 6.1.0 #221

Merged
merged 4 commits into from
Jan 4, 2021
Merged

Mask/redact password and secure_json_data in grafana_datasource; require at least puppet 6.1.0 #221

merged 4 commits into from
Jan 4, 2021

Conversation

nmaludy
Copy link
Member

@nmaludy nmaludy commented Aug 20, 2020
edited
Loading

Previously, when configuring a datasource with a password, the grafana_datasource resource would leak on the CLI and in the puppet report:

Notice: /Stage[main]/Profile::Grafana/Grafana_datasource[postgres]/secure_json_data: secure_json_data changed  to {
  'password' => 'mysweetpassword1'
} (corrective)

Now with this fix, the password or secure_json_data field changes emit the following diff:

Notice: /Stage[main]/Profile::Grafana/Grafana_datasource[postgres]/secure_json_data: changed [redacted] to [redacted]

There were also several linting / whitespace issues caught by CI, i've fixed these in the PR.

@nmaludy nmaludy added the bug Something isn't working label Aug 20, 2020
@nmaludy nmaludy self-assigned this Aug 20, 2020
@nmaludy nmaludy force-pushed the bugfix/secure-json-data branch from fcf18bd to 5515a3a Compare August 20, 2020 12:45
@bastelfreak
Copy link
Member

this looks good to me, but I'm far away from being an expert for sensitive type. I'm referring to @alexjfisher here.

igalic
igalic reviewed Aug 21, 2020
View reviewed changes
Copy link

@igalic igalic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🙋🏻‍♀️

manifests/install.pp Outdated Show resolved Hide resolved
@vox-pupuli-tasks
Copy link

Dear @nmaludy, thanks for the PR!

This is Vox Pupuli Tasks, your friendly Vox Pupuli GitHub Bot. I noticed that your pull request contains merge conflict. Can you please rebase?

You can find my sourcecode at voxpupuli/vox-pupuli-tasks

alexjfisher
alexjfisher requested changes Oct 8, 2020
View reviewed changes
Copy link
Member

@alexjfisher alexjfisher left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IIRC, this DSL is only available in Puppet 6, so this would break for puppet 5 users??

See puppetlabs/puppetlabs-yumrepo_core#6

@bastelfreak
Copy link
Member

I guess a puppet 6 requirement is fine now since Puppet 5 is EoL? @nmaludy can you rebase please?

@nmaludy
Copy link
Member Author

nmaludy commented Jan 4, 2021

@bastelfreak rebase complete!

@bastelfreak
Copy link
Member

can you take a look the linter complains and raise the required puppet version in metadata.json to 6.1.0 ?

@bastelfreak bastelfreak changed the title Mask/redact password and secure_json_data in grafana_datasource Mask/redact password and secure_json_data in grafana_datasource; require at least puppet 6.1.0 Jan 4, 2021
@bastelfreak bastelfreak merged commit 12464fa into master Jan 4, 2021
@bastelfreak bastelfreak deleted the bugfix/secure-json-data branch January 4, 2021 18:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@igalic igalic igalic left review comments

@alexjfisher alexjfisher alexjfisher requested changes

@bastelfreak bastelfreak bastelfreak approved these changes

Assignees

@nmaludy nmaludy

Labels
backwards-incompatible
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@nmaludy @bastelfreak @alexjfisher @igalic