puppet-gitlab
puppet-gitlab copied to clipboard
voxpupuli
Add option to disable output of config diff
Pull Request (PR) description
I configure my authentication through azure_activedirectory_v2, and I don’t want my client_secret to be displayed in clear in the puppet logs.
Converting the gitlab.rb.erb to .epp so it supports the sensitive type would probably be cleaner, but I did not have success with it. So this PR add option to disable output of the diff for sensitive information
class example {
class { 'gitlab' :
[...]
config_show_diff => false,
}
}
I’ve included the option to also affect the file containing $pgbouncer_password, as it is sensitive information. Is it is already a epp template, it could support sensitive type, but as I did not convert to the sensitive type elsewhere, it seemed simpler this way.
Feel free to comment if I missed anything.
This Pull Request (PR) fixes the following issues
Fixes #363
I sure can default the $config_show_diff in the init.pp to false if you want to. I was just trying to not change anything from the default values, but I agree it could be set secured by default.
Would you like me to add the config_show_diff option to global_hook.pp, system_hook.pp and custom_hook.pp, and set the default value to false? It would give option to people who want to display the diff be able to do it.
@smortex I’ve stumble over this today, is there anything else I could do to make the change to get merged?
@teluq-pbrideau Please rebase with out master branch and it can be merged afterwards
