diff options
| author | John Keiser <john@johnkeiser.com> | 2015-10-27 20:37:24 -0700 |
|---|---|---|
| committer | John Keiser <john@johnkeiser.com> | 2015-10-27 20:37:24 -0700 |
| commit | cc51b2f0504a32d7e55d2c445f22baf9ed30b031 (patch) | |
| tree | f1b459f08b7e8290bf112495de831dd44f7aca78 | |
| parent | 30ff430b33dc15cf5d2b17bc0a2115b5bf68f52d (diff) | |
| parent | f87153105104bb586b399352163fb901ea61ee86 (diff) | |
| download | chef-cc51b2f0504a32d7e55d2c445f22baf9ed30b031.tar.gz | |
Merge branch 'chasebolt-sensitive'
| -rw-r--r-- | lib/chef/provider.rb | 27 | ||||
| -rw-r--r-- | spec/integration/recipes/resource_converge_if_changed_spec.rb | 72 |
2 files changed, 92 insertions, 7 deletions
diff --git a/lib/chef/provider.rb b/lib/chef/provider.rb index e22f11d9be..d4cce075e5 100644 --- a/lib/chef/provider.rb +++ b/lib/chef/provider.rb @@ -204,26 +204,39 @@ class Chef specified_properties = properties.select { |property| new_resource.property_is_set?(property) } modified = specified_properties.select { |p| new_resource.send(p) != current_resource.send(p) } if modified.empty? - Chef::Log.debug("Skipping update of #{new_resource.to_s}: has not changed any of the specified properties #{specified_properties.map { |p| "#{p}=#{new_resource.send(p).inspect}" }.join(", ")}.") + properties_str = if sensitive + specified_properties.join(", ") + else + specified_properties.map { |p| "#{p}=#{new_resource.send(p).inspect}" }.join(", ") + end + Chef::Log.debug("Skipping update of #{new_resource.to_s}: has not changed any of the specified properties #{properties_str}.") return false end # Print the pretty green text and run the block property_size = modified.map { |p| p.size }.max - modified = modified.map { |p| " set #{p.to_s.ljust(property_size)} to #{new_resource.send(p).inspect} (was #{current_resource.send(p).inspect})" } + modified.map! do |p| + properties_str = if sensitive + '(suppressed sensitive property)' + else + "#{new_resource.send(p).inspect} (was #{current_resource.send(p).inspect})" + end + " set #{p.to_s.ljust(property_size)} to #{properties_str}" + end converge_by([ "update #{current_resource.identity}" ] + modified, &converge_block) else # The resource doesn't exist. Mark that we are *creating* this, and # write down any properties we are setting. property_size = properties.map { |p| p.size }.max - created = [] - properties.each do |property| - if new_resource.property_is_set?(property) - created << " set #{property.to_s.ljust(property_size)} to #{new_resource.send(property).inspect}" + created = properties.map do |property| + default = ' (default value)' unless new_resource.property_is_set?(property) + properties_str = if sensitive + '(suppressed sensitive property)' else - created << " set #{property.to_s.ljust(property_size)} to #{new_resource.send(property).inspect} (default value)" + new_resource.send(property).inspect end + " set #{property.to_s.ljust(property_size)} to #{properties_str}#{default}" end converge_by([ "create #{new_resource.identity}" ] + created, &converge_block) diff --git a/spec/integration/recipes/resource_converge_if_changed_spec.rb b/spec/integration/recipes/resource_converge_if_changed_spec.rb index 82d38a8faf..f3b562c50d 100644 --- a/spec/integration/recipes/resource_converge_if_changed_spec.rb +++ b/spec/integration/recipes/resource_converge_if_changed_spec.rb @@ -110,6 +110,29 @@ EOM end end + context "and state1 and state2 are set to new sensitive values" do + let(:converge_recipe) { + <<-EOM + #{resource_name} 'blah' do + sensitive true + state1 'new_state1' + state2 'new_state2' + end + EOM + } + + it "the resource updates state1 and state2" do + expect(resource.converged).to eq 1 + expect(resource.updated?).to be_truthy + expect(converged_recipe.stdout).to eq <<-EOM +* #{resource_name}[blah] action create + - update default_identity1 + - set state1 to (suppressed sensitive property) + - set state2 to (suppressed sensitive property) +EOM + end + end + context "and state1 is set to its current value but state2 is set to a new value" do let(:converge_recipe) { <<-EOM @@ -249,6 +272,30 @@ EOM EOM end end + + context "and state1 and state2 are set with sensitive property" do + let(:converge_recipe) { + <<-EOM + #{resource_name} 'blah' do + sensitive true + state1 'new_state1' + state2 'new_state2' + end + EOM + } + + it "the resource is created" do + expect(resource.converged).to eq 1 + expect(resource.updated?).to be_truthy + expect(converged_recipe.stdout).to eq <<-EOM +* #{resource_name}[blah] action create + - create default_identity1 + - set identity1 to (suppressed sensitive property) (default value) + - set state1 to (suppressed sensitive property) + - set state2 to (suppressed sensitive property) +EOM + end + end end end @@ -416,6 +463,31 @@ EOM EOM end end + + context "and state1 and state2 are set to new sensitive values" do + let(:converge_recipe) { + <<-EOM + #{resource_name} 'blah' do + sensitive true + state1 'new_state1' + state2 'new_state2' + end + EOM + } + + it "the resource is created" do + expect(resource.converged).to eq 2 + expect(resource.updated?).to be_truthy + expect(converged_recipe.stdout).to eq <<-EOM +* #{resource_name}[blah] action create + - create default_identity1 + - set state1 to (suppressed sensitive property) + - create default_identity1 + - set state2 to (suppressed sensitive property) +EOM + end + end + end end |