diff options
| author | Bapu L <bapu.labade@progress.com> | 2022-06-21 14:14:24 +0530 |
|---|---|---|
| committer | Bapu L <bapu.labade@progress.com> | 2022-06-21 14:14:24 +0530 |
| commit | e8086d2733311a17d37698bc6e9d6bdaa2b96068 (patch) | |
| tree | 4d633f6d2815979aa881c51713f5f767d350b1f3 | |
| parent | 9894e49919e40798b6830720110fe99166b969bf (diff) | |
| download | chef-e8086d2733311a17d37698bc6e9d6bdaa2b96068.tar.gz | |
Property values should be suppressed irrespective of desired state
| -rw-r--r-- | lib/chef/mixin/properties.rb | 6 | ||||
| -rw-r--r-- | lib/chef/resource.rb | 2 | ||||
| -rw-r--r-- | spec/unit/resource_spec.rb | 22 |
3 files changed, 23 insertions, 7 deletions
diff --git a/lib/chef/mixin/properties.rb b/lib/chef/mixin/properties.rb index c42e3889b0..89cca2abac 100644 --- a/lib/chef/mixin/properties.rb +++ b/lib/chef/mixin/properties.rb @@ -274,6 +274,12 @@ class Chef result end + # This method returns list of sensitive properties + # @return [Array<Property>] All identity properties. + def sensitive_properties + properties.values.empty? ? [] : properties.values.select(&:sensitive?) + end + # Returns the name of the name property. Returns nil if there is no name property. # # @return [Symbol] the name property for this resource diff --git a/lib/chef/resource.rb b/lib/chef/resource.rb index d6c5fe7cdf..c9776fe346 100644 --- a/lib/chef/resource.rb +++ b/lib/chef/resource.rb @@ -660,8 +660,8 @@ class Chef text << "#{resource_name}(\"#{name}\") do\n" all_props = {} - self.class.state_properties.map do |p| + self.class.sensitive_properties.map do |p| all_props[p.name.to_s] = p.sensitive? ? '"*sensitive value suppressed*"' : value_to_text(p.get(self)) rescue Chef::Exceptions::ValidationFailed # This space left intentionally blank, the property was probably required or had an invalid default. diff --git a/spec/unit/resource_spec.rb b/spec/unit/resource_spec.rb index f0a624d5db..6634390391 100644 --- a/spec/unit/resource_spec.rb +++ b/spec/unit/resource_spec.rb @@ -385,13 +385,23 @@ describe Chef::Resource do resource.foo = "some value" expect(resource.to_text).to match(/foo "\*sensitive value suppressed\*"/) end - end - context "when property is required" do - it "does not propagate validation errors" do - resource_class = Class.new(Chef::Resource) { property :foo, String, required: true } - resource = resource_class.new("required_property_tests") - expect { resource.to_text }.to_not raise_error + it "suppresses that properties value for irrespective of desired state (false) " do + resource_class = Class.new(Chef::Resource) { + property :foo, String, sensitive: true, desired_state: false + } + resource = resource_class.new("desired_state_property_tests") + resource.foo = "some value" + expect(resource.to_text).to match(/foo "\*sensitive value suppressed\*"/) + end + + it "suppresses that properties value for irrespective of desired state (true) " do + resource_class = Class.new(Chef::Resource) { + property :foo, String, sensitive: true, desired_state: true + } + resource = resource_class.new("desired_state_property_tests") + resource.foo = "some value" + expect(resource.to_text).to match(/foo "\*sensitive value suppressed\*"/) end end end |