Jira (PUP-8399) Exec onlyif and unless should support sensitive data

10 views
Skip to first unread message

Josh Cooper (JIRA)

unread,
Feb 21, 2018, 1:07:01 AM2/21/18
to puppe...@googlegroups.com
Josh Cooper updated an issue
 
Puppet / Improvement PUP-8399
Exec onlyif and unless should support sensitive data
Change By: Josh Cooper
Summary: Puppet log when powershell script fails Exec onlyif and unless should support sensitive data
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v7.5.1#75006-sha1:7df2574)
Atlassian logo

Josh Cooper (JIRA)

unread,
Apr 16, 2019, 12:36:03 PM4/16/19
to puppe...@googlegroups.com
Josh Cooper updated an issue
Change By: Josh Cooper
Sprint: Coremunity Grooming
This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)
Atlassian logo

Jorie Tappa (JIRA)

unread,
Jun 12, 2019, 4:39:03 PM6/12/19
to puppe...@googlegroups.com
Jorie Tappa updated an issue
Change By: Jorie Tappa
Comment: A comment with security level 'Developers' was removed.

Jorie Tappa (JIRA)

unread,
Jul 22, 2019, 12:42:04 PM7/22/19
to puppe...@googlegroups.com
Jorie Tappa assigned an issue to Kris Bosland
Change By: Jorie Tappa
Assignee: Kris Bosland

Jorie Tappa (JIRA)

unread,
Jul 22, 2019, 12:42:04 PM7/22/19
to puppe...@googlegroups.com
Jorie Tappa updated an issue
Change By: Jorie Tappa
Sprint: Coremunity Grooming Platform Core KANBAN

Kris Bosland (JIRA)

unread,
Aug 5, 2019, 5:16:04 PM8/5/19
to puppe...@googlegroups.com
Kris Bosland commented on Improvement PUP-8399
 
Re: Exec onlyif and unless should support sensitive data

This seems to have been solved by PUP-9357:

% cat ../tmp/pup-8399/unless_fail.pp                                                                                                                     ±[remotes/upstream/5.5.x]$mypassword = Sensitive('mypasswordhere')
 
exec { 'test_sensitive':
 
  command => "/bin/sh -c echo command",
 
  unless => "/bin/sh -c echo $mypassword; exit 0",
 
  #onlyif => "/bin/sh -c echo $mypassword; exit 1",
 
}
 
% bx puppet apply ../tmp/pup-8399/unless_fail.pp --debug
 
...
 
Debug: Exec[test_sensitive](provider=posix): Executing check '/bin/sh -c echo Sensitive [value redacted]; exit 0'
 
Debug: Executing: '/bin/sh -c echo Sensitive [value redacted]; exit 0'
 
Debug: /Stage[main]/Main/Exec[test_sensitive]: '/bin/sh -c echo command' won't be executed because of failed check 'unless'
 
...

with similar results for the onlyif command.

Josh Cooper (JIRA)

unread,
Aug 8, 2019, 12:12:03 PM8/8/19
to puppe...@googlegroups.com
Josh Cooper updated an issue
 
Change By: Josh Cooper
Fix Version/s: PUP 6.4.0
Fix Version/s: PUP 6.0.7
Fix Version/s: PUP 5.5.12
Reply all
Reply to author
Forward
0 new messages