puppet-puppetboard icon indicating copy to clipboard operation
puppet-puppetboard copied to clipboard

Published 20 hours ago verified publisher icon voxpupuli

Need to keep the secret key

Open jza34 opened this issue 1 year ago • 4 comments

Affected Puppet, Ruby, OS and module versions/distributions

  • Puppet: 7.25.0
  • Ruby:
  • Distribution: Debian bullseye
  • Module version: 9.0.0

How to reproduce (e.g Puppet code you use)

Setup puppetboard with the puppet module puppet-puppetboard Set a SECRET_KEY in settings.py Reload the agent with puppet agent -t

What are you seeing

SECRET_KEY is removed by the puppet agent

What behaviour did you expect instead

The SECRET_KEY is kept

Output log

Info: Applying configuration version '1691050084'
Notice: /Stage[main]/Puppetboard/File[/srv/puppetboard/puppetboard/settings.py]/content: 
--- /srv/puppetboard/puppetboard/settings.py	2023-08-03 09:20:20.477874187 +0200
+++ /tmp/puppet-file20230803-3834-1i1ihw4	2023-08-03 10:08:14.761189408 +0200
@@ -10,4 +10,3 @@
 OFFLINE_MODE = False
 DEFAULT_ENVIRONMENT = 'production'
 REPORTS_COUNT = 10
-SECRET_KEY = 'ihiouiuhiuhiuhiuh'

Notice: /Stage[main]/Puppetboard/File[/srv/puppetboard/puppetboard/settings.py]/content: 

Notice: /Stage[main]/Puppetboard/File[/srv/puppetboard/puppetboard/settings.py]/content: content changed '{sha256}8fee6afb11b6d03bb1df7e0bde817b791747fa8ac244537ffe5a9da0d1af597b' to '{sha256}cc309ef7c7ff7450f421c7ed56764cda060dbbdfe8b1fe0938219e9960d5990d' (corrective)

Any additional information you'd like to impart

Could be great to ask for a secret key when installing the module or to give a module parameter to set the key in the manifest

jza34 avatar Aug 03 '23 10:08 jza34

You can set the key when calling the class like this:

  class { 'puppetboard':
    extra_settings => {
      'SECRET_KEY' => "'12345abcde'",
    }

I agree it could be done in a more elegant way...

sid3windr avatar Aug 05 '23 16:08 sid3windr

I agree it could be done in a more elegant way...

(Arguably) a more elegant way has been added in https://github.com/voxpupuli/puppet-puppetboard/pull/375, we just need a new module release to make it available.

Can you do a release, please @smortex or @bastelfreak ?

gdubicki avatar Aug 07 '23 13:08 gdubicki

I would like to include https://github.com/voxpupuli/puppet-puppetboard/pull/388 in the release but I currently don't know why the tests fail.

bastelfreak avatar Aug 08 '23 20:08 bastelfreak

extra_settings route works perfect, but would be good to get a release so that we can just secret key as an option

ic248 avatar Sep 21 '23 09:09 ic248