From b127d6229678f542d98364db1dc79cc3232fefe0 Mon Sep 17 00:00:00 2001 From: Nick Maludy Date: Thu, 20 Aug 2020 08:18:12 -0400 Subject: [PATCH 1/3] Make password and secure_json_data in grafana_datasource sensitive so passwords aren't leaked --- lib/puppet/type/grafana_datasource.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/puppet/type/grafana_datasource.rb b/lib/puppet/type/grafana_datasource.rb index c63c66f9f..35cffc200 100644 --- a/lib/puppet/type/grafana_datasource.rb +++ b/lib/puppet/type/grafana_datasource.rb @@ -58,6 +58,7 @@ newproperty(:password) do desc 'The password for the datasource (optional)' + sensitive true end newproperty(:database) do @@ -110,6 +111,7 @@ newproperty(:secure_json_data) do desc 'Additional secure JSON data to configure the datasource (optional)' + sensitive true validate do |value| unless value.nil? || value.is_a?(Hash) From 5515a3a2843fcfadfd141c843964b7530ec7a043 Mon Sep 17 00:00:00 2001 From: Nick Maludy Date: Thu, 20 Aug 2020 08:43:07 -0400 Subject: [PATCH 2/3] Fix whitespace linting issues --- manifests/config.pp | 7 +++---- manifests/init.pp | 1 - manifests/install.pp | 17 ++++++++--------- manifests/service.pp | 2 +- manifests/validator.pp | 1 - 5 files changed, 12 insertions(+), 16 deletions(-) diff --git a/manifests/config.pp b/manifests/config.pp index c14600001..580bebfc2 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -9,7 +9,7 @@ $cfg = $grafana::cfg $myprovision = false - file { 'grafana.ini': + file { 'grafana.ini': ensure => file, path => $grafana::cfg_location, content => template('grafana/config.ini.erb'), @@ -23,7 +23,7 @@ $cfg = $grafana::cfg $myprovision = true - file { 'grafana.ini': + file { 'grafana.ini': ensure => file, path => $grafana::cfg_location, content => template('grafana/config.ini.erb'), @@ -38,7 +38,7 @@ if $sysconfig_location and $sysconfig { $changes = $sysconfig.map |$key, $value| { "set ${key} ${value}" } - augeas{'sysconfig/grafana-server': + augeas { 'sysconfig/grafana-server': context => "/files${$sysconfig_location}", changes => $changes, notify => Class['grafana::service'], @@ -159,6 +159,5 @@ notify => Class['grafana::service'], } } - } } diff --git a/manifests/init.pp b/manifests/init.pp index 5e361f692..69a455293 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -167,7 +167,6 @@ String[1] $toml_package_ensure, Optional[String[1]] $toml_package_provider, ) { - contain grafana::install contain grafana::config contain grafana::service diff --git a/manifests/install.pp b/manifests/install.pp index 0cd3cd9de..e13b8481f 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -78,8 +78,8 @@ ensure => present, } - if ( $grafana::manage_package_repo ){ - if !defined( Class['apt'] ) { + if ( $grafana::manage_package_repo ) { + if !defined(Class['apt']) { include apt } apt::source { 'grafana': @@ -87,7 +87,7 @@ release => $grafana::repo_name, architecture => 'amd64,arm64,armhf', repos => 'main', - key => { + key => { 'id' => '4E40DDF6D76E284A4A6780E48C8C34C524098CB6', 'source' => 'https://packages.grafana.com/gpg.key', }, @@ -107,7 +107,7 @@ ensure => present, } - if ( $grafana::manage_package_repo ){ + if ( $grafana::manage_package_repo ) { # http://docs.grafana.org/installation/rpm/#install-via-yum-repository $baseurl = $grafana::repo_name ? { 'stable' => 'https://packages.grafana.com/oss/rpm', @@ -164,7 +164,7 @@ 'archive': { # create log directory /var/log/grafana (or parameterize) - if !defined(User['grafana']){ + if !defined(User['grafana']) { user { 'grafana': ensure => present, home => $grafana::install_dir, @@ -189,7 +189,6 @@ cleanup => true, require => File[$grafana::install_dir], } - } default: { fail("Installation method ${grafana::install_method} not supported") @@ -198,9 +197,9 @@ if $grafana::toml_manage_package and !empty($grafana::ldap_servers) { ensure_packages(['toml-pkg'], { - ensure => $grafana::toml_package_ensure, - name => $grafana::toml_package_name, - provider => $grafana::toml_package_provider, + ensure => $grafana::toml_package_ensure, + name => $grafana::toml_package_name, + provider => $grafana::toml_package_provider, }) Package['toml-pkg'] -> Grafana_ldap_config <||> diff --git a/manifests/service.pp b/manifests/service.pp index 03d34561c..c609c8f74 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -29,7 +29,7 @@ $service_path = "${grafana::install_dir}/bin/${grafana::service_name}" $service_config = "${grafana::install_dir}/conf/custom.ini" - if !defined(Service['grafana']){ + if !defined(Service['grafana']) { service { 'grafana': ensure => running, name => $grafana::service_name, diff --git a/manifests/validator.pp b/manifests/validator.pp index 399595d09..3e9f04af9 100644 --- a/manifests/validator.pp +++ b/manifests/validator.pp @@ -9,7 +9,6 @@ Stdlib::HTTPUrl $grafana_url = 'http://localhost:3000', Stdlib::Absolutepath $grafana_api_path = '/api/health', ) { - grafana_conn_validator { 'grafana': grafana_url => $grafana_url, grafana_api_path => $grafana_api_path, From 22daadb5613fbcdf4a7b7ba639bd75688cb74e78 Mon Sep 17 00:00:00 2001 From: Nick Maludy Date: Mon, 4 Jan 2021 13:12:24 -0500 Subject: [PATCH 3/3] Raise minimum Puppet version to 6.1.0. Fixing linting error. --- manifests/config.pp | 2 +- metadata.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/config.pp b/manifests/config.pp index 606e46488..341269f14 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -9,7 +9,7 @@ $cfg = $grafana::cfg $myprovision = false - file { 'grafana.ini': + file { 'grafana.ini': ensure => file, path => $grafana::cfg_location, content => template('grafana/config.ini.erb'), diff --git a/metadata.json b/metadata.json index 036011894..b7cddd2a8 100644 --- a/metadata.json +++ b/metadata.json @@ -63,7 +63,7 @@ "requirements": [ { "name": "puppet", - "version_requirement": ">= 5.5.8 < 7.0.0" + "version_requirement": ">= 6.1.0 < 7.0.0" } ], "tags": [