Duplicate: Add sensitive support #857
Conversation
teluq-pbrideau
force-pushed
the
feat/sensitive_support
branch
from
611265b
to
e206bbd
Compare
|
While trying to add some basic tests about this change, I’ve discovered that the I’ve fixed the tests for them to run at least for CentOS, but they fail for other OS for reasons outside the scope of this PR: It should probably be fixed it its own PR… |
| @@ -182,7 +182,7 @@ | |||
| $ldap_clientcert = undef | |||
| $ldap_clientkey = undef | |||
| $ldap_reqcert = undef | |||
| $server_api_pass = 'zabbix' | |||
| $server_api_pass = Sensitive('zabbix') | |||
There was a problem hiding this comment.
I’m not sure if we should set default values as sensitive.
I’ve changed some tests because of this: if the default value is Sensitive, the output may be masked during tests, and the validation cannot be made. These lines are marked with this comment below:
# cleartext password must be explicitly declared in this test, otherwise the parser will secure content of the file
For example, see spec/classes/proxy_spec.rb:115
| # @param vmwareperffrequency | ||
| # Delay in seconds between performance counter statistics retrieval from a single VMware service. | ||
| # This delay should be set to the least update interval of any VMware monitoring item that uses VMware performance counters. |
There was a problem hiding this comment.
It would be better to open a new PR for the new parameter
| @@ -132,6 +135,7 @@ | |||
| # @param include_dir You may include individual files or all files in a directory in the configuration file. | |||
| # @param loadmodulepath Full path to location of server modules. | |||
| # @param loadmodule Module to load at server startup. | |||
| # @param sslcalocation_dir Location of certificate authority (CA) files for SSL server certificate verification. | |||
There was a problem hiding this comment.
It would be better to open a new PR for the new parameter
There was a problem hiding this comment.
My guess is @bdeferme discovered the following parameters in zabbix_server.conf while converting to the new epp template:
- SSLCALocation
- VMwarePerfFrequency
As they were present in upstream config, and noticed they were missing in the old erb template, and added them to be consistent with upstream config.
@root-expert I’ve deleted them as requested, but I think they should be included. However, I won’t go out of my way to create a new PR if it is not required in my own production environment.
| @@ -182,7 +182,7 @@ | |||
| $ldap_clientcert = undef | |||
| $ldap_clientkey = undef | |||
| $ldap_reqcert = undef | |||
| $server_api_pass = 'zabbix' | |||
| $server_api_pass = Sensitive('zabbix') | |||
Should be in its own pull request
It should be in its own PR
|
@teluq-pbrideau thanks for working on this! Can you please rebase against our master branch? |
|
@bastelfreak I’m sorry but rebasing was just a pain in the ass with all the conflicts. I solved the conflict once with the merge of your master branch |
|
You might see I added back the |
|
I’m not quite sure how to cleanup my git tree… Can we just squash to only one commit when we merge into master? |
|
I’ve been running the old changes in my production environment since my original PR, but I cannot test these new changes right now in a live environment. I’m stuck with a dependency cycle in my |
|
I’ve just successfully tested this PR in my development environment. The failing tests are out of my control, it was a timeout after 360 minutes: Can we force the tests to rerun and move forward with this? Or It can also be the changes #973! |
Pull Request (PR) description
This is a copy of #828, where @bdeferme do not have any more time to work on it. Here I tried to fix the tests.
This Pull Request (PR) fixes the following issues
Fixes #440
Fixes #950