diff options
| author | Tom Duffield <tom@chef.io> | 2017-02-10 13:02:15 -0600 |
|---|---|---|
| committer | Tom Duffield <tom@chef.io> | 2017-02-10 13:05:50 -0600 |
| commit | 346ee33c99bb630ea60d59833f74c5c2c05bed97 (patch) | |
| tree | df29565c15e0237ab1b4bfe4e46780e15a79d3f9 | |
| parent | 963acf8094a67a26373311039c139daac0f0a8b4 (diff) | |
| download | chef-346ee33c99bb630ea60d59833f74c5c2c05bed97.tar.gz | |
Suppress sensitive properties from resource output
Signed-off-by: Tom Duffield <tom@chef.io>
| -rw-r--r-- | lib/chef/resource.rb | 17 | ||||
| -rw-r--r-- | spec/unit/resource_spec.rb | 18 |
2 files changed, 30 insertions, 5 deletions
diff --git a/lib/chef/resource.rb b/lib/chef/resource.rb index 36538b6e7a..3ed0cda825 100644 --- a/lib/chef/resource.rb +++ b/lib/chef/resource.rb @@ -667,15 +667,22 @@ class Chef def to_text return "suppressed sensitive resource output" if sensitive - ivars = instance_variables.map { |ivar| ivar.to_sym } - HIDDEN_IVARS text = "# Declared in #{@source_line}\n\n" text << "#{resource_name}(\"#{name}\") do\n" - ivars.each do |ivar| - if (value = instance_variable_get(ivar)) && !(value.respond_to?(:empty?) && value.empty?) - value_string = value.respond_to?(:to_text) ? value.to_text : value.inspect - text << " #{ivar.to_s.sub(/^@/, '')} #{value_string}\n" + + props = [] + self.class.state_properties.each do |p| + props << "@#{p.name}".to_sym + text << " #{p.name} #{p.sensitive? ? "\"*sensitive value suppressed*\"\n": "#{p.get(self).inspect}\n"}" + end + + ivars = instance_variables.map { |ivar| ivar.to_sym } - HIDDEN_IVARS - props + ivars.map { |i| i.to_s.sub(/^@/, "") }.each do |ivar| + if (value = instance_variable_get("@#{ivar}".to_sym)) && !(value.respond_to?(:empty?) && value.empty?) + text << " #{ivar.to_s.sub(/^@/, '')} #{value.respond_to?(:to_text) ? value.to_text : value.inspect}\n" end end + [@not_if, @only_if].flatten.each do |conditional| text << " #{conditional.to_text}\n" end diff --git a/spec/unit/resource_spec.rb b/spec/unit/resource_spec.rb index fbe4544c19..2f75ba0241 100644 --- a/spec/unit/resource_spec.rb +++ b/spec/unit/resource_spec.rb @@ -354,6 +354,24 @@ describe Chef::Resource do end end + describe "to_text" do + it "prints nice message" do + resource_class = Class.new(Chef::Resource) { property :foo, String } + resource = resource_class.new("sensitive_property_tests") + resource.foo = "some value" + expect(resource.to_text).to match(/foo "some value"/) + end + + context "when property is sensitive" do + it "supresses that properties value" do + resource_class = Class.new(Chef::Resource) { property :foo, String, sensitive: true } + resource = resource_class.new("sensitive_property_tests") + resource.foo = "some value" + expect(resource.to_text).to match(/foo "\*sensitive value suppressed\*"/) + end + end + end + describe "self.resource_name" do context "When resource_name is not set" do it "and there are no provides lines, resource_name is nil" do |