From 032e0114d942889fdc55f8dfe535573e1080c7cf Mon Sep 17 00:00:00 2001 From: ZhongShengping Date: Tue, 28 Mar 2017 18:02:55 +0800 Subject: [PATCH] Password should be secured Change-Id: I98fb0b7122cd624041aa35d5ad052b4debb68519 Closes-Bug: #1676708 --- manifests/agents/ml2/vpp.pp | 22 ++++---- manifests/plugins/ml2/arista.pp | 2 +- manifests/plugins/ml2/arista/l3.pp | 2 +- manifests/plugins/ml2/cisco/nexus1000v.pp | 52 +++++++++---------- manifests/plugins/ml2/cisco/nexus_switch.pp | 2 +- manifests/plugins/ml2/cisco/ucsm.pp | 3 +- manifests/plugins/ml2/fujitsu/cfab.pp | 4 +- manifests/plugins/ml2/fujitsu/fossw.pp | 4 +- manifests/plugins/ml2/opendaylight.pp | 2 +- manifests/plugins/ml2/vpp.pp | 10 ++-- manifests/plugins/plumgrid.pp | 4 +- spec/classes/neutron_agents_l3_spec.rb | 22 ++++---- .../neutron_plugins_ml2_arista_l3_spec.rb | 2 +- .../neutron_plugins_ml2_arista_spec.rb | 2 +- ...utron_plugins_ml2_cisco_nexus1000v_spec.rb | 32 ++++++------ .../neutron_plugins_ml2_cisco_ucsm_spec.rb | 16 +++--- .../neutron_plugins_ml2_fujitsu_cfab_spec.rb | 20 +++---- .../neutron_plugins_ml2_fujitsu_fossw_spec.rb | 22 ++++---- .../neutron_plugins_ml2_opendaylight_spec.rb | 2 +- spec/classes/neutron_plugins_ml2_vpp_spec.rb | 8 +-- .../neutron_plugins_opencontrail_spec.rb | 2 +- spec/classes/neutron_plugins_plumgrid_spec.rb | 6 +-- 22 files changed, 120 insertions(+), 121 deletions(-) diff --git a/manifests/agents/ml2/vpp.pp b/manifests/agents/ml2/vpp.pp index f17d67e87..f8204024e 100644 --- a/manifests/agents/ml2/vpp.pp +++ b/manifests/agents/ml2/vpp.pp @@ -43,15 +43,15 @@ # Defaults to false. # class neutron::agents::ml2::vpp ( - $package_ensure = 'present', - $enabled = true, - $manage_service = true, - $physnets = $::os_service_default, - $etcd_host = $::os_service_default, - $etcd_port = $::os_service_default, - $etcd_user = $::os_service_default, - $etcd_pass = $::os_service_default, - $purge_config = false, + $package_ensure = 'present', + $enabled = true, + $manage_service = true, + $physnets = $::os_service_default, + $etcd_host = $::os_service_default, + $etcd_port = $::os_service_default, + $etcd_user = $::os_service_default, + $etcd_pass = $::os_service_default, + $purge_config = false, ) { include ::neutron::deps include ::neutron::params @@ -61,12 +61,12 @@ class neutron::agents::ml2::vpp ( } neutron_agent_vpp { - 'ml2_vpp/physnets': value => $physnets; + 'ml2_vpp/physnets': value => $physnets; 'ml2_vpp/etcd_host': value => $etcd_host; 'ml2_vpp/etcd_port': value => $etcd_port; 'ml2_vpp/etcd_user': value => $etcd_user; 'ml2_vpp/etcd_pass': value => $etcd_pass; - 'DEFAULT/host': value => $::hostname; + 'DEFAULT/host': value => $::hostname; } package { 'neutron-vpp-agent': diff --git a/manifests/plugins/ml2/arista.pp b/manifests/plugins/ml2/arista.pp index 4f9006284..36188beda 100644 --- a/manifests/plugins/ml2/arista.pp +++ b/manifests/plugins/ml2/arista.pp @@ -58,7 +58,7 @@ class neutron::plugins::ml2::arista( neutron_plugin_ml2 { 'ml2_arista/eapi_host' : value => $eapi_host; 'ml2_arista/eapi_username': value => $eapi_username; - 'ml2_arista/eapi_password': value => $eapi_password; + 'ml2_arista/eapi_password': value => $eapi_password, secret => true; 'ml2_arista/region_name' : value => $region_name; 'ml2_arista/sync_interval': value => $sync_interval; 'ml2_arista/use_fqdn' : value => $use_fqdn; diff --git a/manifests/plugins/ml2/arista/l3.pp b/manifests/plugins/ml2/arista/l3.pp index e6c20a2fe..aef1e5487 100644 --- a/manifests/plugins/ml2/arista/l3.pp +++ b/manifests/plugins/ml2/arista/l3.pp @@ -70,7 +70,7 @@ class neutron::plugins::ml2::arista::l3( neutron_plugin_ml2 { 'l3_arista/primary_l3_host' : value => $primary_l3_host; 'l3_arista/primary_l3_host_username': value => $primary_l3_host_username; - 'l3_arista/primary_l3_host_password': value => $primary_l3_host_password; + 'l3_arista/primary_l3_host_password': value => $primary_l3_host_password, secret => true; 'l3_arista/secondary_l3_host' : value => $secondary_l3_host; 'l3_arista/mlag_config' : value => $mlag_config; 'l3_arista/l3_sync_interval' : value => $l3_sync_interval; diff --git a/manifests/plugins/ml2/cisco/nexus1000v.pp b/manifests/plugins/ml2/cisco/nexus1000v.pp index 4a1264b83..a9b15ef0f 100644 --- a/manifests/plugins/ml2/cisco/nexus1000v.pp +++ b/manifests/plugins/ml2/cisco/nexus1000v.pp @@ -72,19 +72,19 @@ # enable_vif_type_n1kv = False # class neutron::plugins::ml2::cisco::nexus1000v ( - $n1kv_vsm_ip = $::os_service_default, - $n1kv_vsm_username = $::os_service_default, - $n1kv_vsm_password = $::os_service_default, - $default_policy_profile = 'default-pp', - $default_vlan_network_profile = 'default-vlan-np', - $default_vxlan_network_profile = 'default-vxlan-np', - $poll_duration = '60', - $http_pool_size = '4', - $http_timeout = '15', - $sync_interval = '300', - $max_vsm_retries = '2', - $restrict_policy_profiles = 'False', - $enable_vif_type_n1kv = 'False', + $n1kv_vsm_ip = $::os_service_default, + $n1kv_vsm_username = $::os_service_default, + $n1kv_vsm_password = $::os_service_default, + $default_policy_profile = 'default-pp', + $default_vlan_network_profile = 'default-vlan-np', + $default_vxlan_network_profile = 'default-vxlan-np', + $poll_duration = '60', + $http_pool_size = '4', + $http_timeout = '15', + $sync_interval = '300', + $max_vsm_retries = '2', + $restrict_policy_profiles = 'False', + $enable_vif_type_n1kv = 'False', ) { @@ -92,19 +92,19 @@ class neutron::plugins::ml2::cisco::nexus1000v ( include ::neutron::plugins::ml2::cisco neutron_plugin_ml2 { - 'ml2_cisco_n1kv/n1kv_vsm_ips' : value => $n1kv_vsm_ip; - 'ml2_cisco_n1kv/username' : value => $n1kv_vsm_username; - 'ml2_cisco_n1kv/password' : value => $n1kv_vsm_password; - 'ml2_cisco_n1kv/default_policy_profile' : value => $default_policy_profile; - 'ml2_cisco_n1kv/default_vlan_network_profile' : value => $default_vlan_network_profile; - 'ml2_cisco_n1kv/default_vxlan_network_profile' : value => $default_vxlan_network_profile; - 'ml2_cisco_n1kv/poll_duration' : value => $poll_duration; - 'ml2_cisco_n1kv/http_pool_size' : value => $http_pool_size; - 'ml2_cisco_n1kv/http_timeout' : value => $http_timeout; - 'ml2_cisco_n1kv/sync_interval' : value => $sync_interval; - 'ml2_cisco_n1kv/max_vsm_retries' : value => $max_vsm_retries; - 'ml2_cisco_n1kv/restrict_policy_profiles' : value => $restrict_policy_profiles; - 'ml2_cisco_n1kv/enable_vif_type_n1kv' : value => $enable_vif_type_n1kv; + 'ml2_cisco_n1kv/n1kv_vsm_ips' : value => $n1kv_vsm_ip; + 'ml2_cisco_n1kv/username' : value => $n1kv_vsm_username; + 'ml2_cisco_n1kv/password' : value => $n1kv_vsm_password, secret => true; + 'ml2_cisco_n1kv/default_policy_profile' : value => $default_policy_profile; + 'ml2_cisco_n1kv/default_vlan_network_profile' : value => $default_vlan_network_profile; + 'ml2_cisco_n1kv/default_vxlan_network_profile' : value => $default_vxlan_network_profile; + 'ml2_cisco_n1kv/poll_duration' : value => $poll_duration; + 'ml2_cisco_n1kv/http_pool_size' : value => $http_pool_size; + 'ml2_cisco_n1kv/http_timeout' : value => $http_timeout; + 'ml2_cisco_n1kv/sync_interval' : value => $sync_interval; + 'ml2_cisco_n1kv/max_vsm_retries' : value => $max_vsm_retries; + 'ml2_cisco_n1kv/restrict_policy_profiles' : value => $restrict_policy_profiles; + 'ml2_cisco_n1kv/enable_vif_type_n1kv' : value => $enable_vif_type_n1kv; } } diff --git a/manifests/plugins/ml2/cisco/nexus_switch.pp b/manifests/plugins/ml2/cisco/nexus_switch.pp index 185ee559f..128d226b4 100644 --- a/manifests/plugins/ml2/cisco/nexus_switch.pp +++ b/manifests/plugins/ml2/cisco/nexus_switch.pp @@ -94,7 +94,7 @@ define neutron::plugins::ml2::cisco::nexus_switch( $section = "ML2_MECH_CISCO_NEXUS:${ip_address}" neutron_plugin_ml2 { "${section}/username": value => $username; - "${section}/password": value => $password; + "${section}/password": value => $password, secret => true; "${section}/ssh_port": value => $ssh_port; "${section}/nve_src_intf": value => $nve_src_intf; "${section}/physnet": value => $physnet; diff --git a/manifests/plugins/ml2/cisco/ucsm.pp b/manifests/plugins/ml2/cisco/ucsm.pp index 7d9697158..ebbf7694e 100644 --- a/manifests/plugins/ml2/cisco/ucsm.pp +++ b/manifests/plugins/ml2/cisco/ucsm.pp @@ -27,7 +27,6 @@ # Example: # [ '2222:3333', '4444:5555' ] # - class neutron::plugins::ml2::cisco::ucsm ( $ucsm_ip, $ucsm_username, @@ -42,7 +41,7 @@ class neutron::plugins::ml2::cisco::ucsm ( neutron_plugin_ml2 { 'ml2_cisco_ucsm/ucsm_ip' : value => $ucsm_ip; 'ml2_cisco_ucsm/ucsm_username' : value => $ucsm_username; - 'ml2_cisco_ucsm/ucsm_password' : value => $ucsm_password; + 'ml2_cisco_ucsm/ucsm_password' : value => $ucsm_password, secret => true; 'ml2_cisco_ucsm/ucsm_host_list' : value => $ucsm_host_list; 'ml2_cisco_ucsm/supported_pci_devs' : value => $supported_pci_devs; } diff --git a/manifests/plugins/ml2/fujitsu/cfab.pp b/manifests/plugins/ml2/fujitsu/cfab.pp index 33625683d..6479fa03f 100644 --- a/manifests/plugins/ml2/fujitsu/cfab.pp +++ b/manifests/plugins/ml2/fujitsu/cfab.pp @@ -35,7 +35,7 @@ # (optional) Whether to save configuration. # Example: true # Defaults to true - +# class neutron::plugins::ml2::fujitsu::cfab ( $address, $username, @@ -51,7 +51,7 @@ class neutron::plugins::ml2::fujitsu::cfab ( neutron_plugin_ml2 { 'fujitsu_cfab/address' : value => $address; 'fujitsu_cfab/username' : value => $username; - 'fujitsu_cfab/password' : value => $password; + 'fujitsu_cfab/password' : value => $password, secret => true; 'fujitsu_cfab/physical_networks' : value => join(any2array($physical_networks), ','); 'fujitsu_cfab/share_pprofile' : value => $share_pprofile; 'fujitsu_cfab/pprofile_prefix' : value => $pprofile_prefix; diff --git a/manifests/plugins/ml2/fujitsu/fossw.pp b/manifests/plugins/ml2/fujitsu/fossw.pp index 03dd7e88c..11779800b 100644 --- a/manifests/plugins/ml2/fujitsu/fossw.pp +++ b/manifests/plugins/ml2/fujitsu/fossw.pp @@ -45,7 +45,7 @@ # (optional) The port number which OVSDB server on the fos switches listen. # Example: 6640 # Defaults to 6640 - +# class neutron::plugins::ml2::fujitsu::fossw ( $fossw_ips, $username, @@ -62,7 +62,7 @@ class neutron::plugins::ml2::fujitsu::fossw ( neutron_plugin_ml2 { 'fujitsu_fossw/fossw_ips' : value => join(any2array($fossw_ips), ','); 'fujitsu_fossw/username' : value => $username; - 'fujitsu_fossw/password' : value => $password; + 'fujitsu_fossw/password' : value => $password, secret => true; 'fujitsu_fossw/port' : value => $port; 'fujitsu_fossw/timeout' : value => $timeout; 'fujitsu_fossw/udp_dest_port' : value => $udp_dest_port; diff --git a/manifests/plugins/ml2/opendaylight.pp b/manifests/plugins/ml2/opendaylight.pp index 13b56c4fe..b19594a1f 100644 --- a/manifests/plugins/ml2/opendaylight.pp +++ b/manifests/plugins/ml2/opendaylight.pp @@ -59,7 +59,7 @@ class neutron::plugins::ml2::opendaylight ( neutron_plugin_ml2 { 'ml2_odl/username': value => $odl_username; - 'ml2_odl/password': value => $odl_password; + 'ml2_odl/password': value => $odl_password, secret => true; 'ml2_odl/url': value => $odl_url; 'ml2_odl/port_binding_controller': value => $port_binding_controller; 'ml2_odl/odl_hostconf_uri': value => $odl_hostconf_uri; diff --git a/manifests/plugins/ml2/vpp.pp b/manifests/plugins/ml2/vpp.pp index 837a6148d..0410a43ea 100644 --- a/manifests/plugins/ml2/vpp.pp +++ b/manifests/plugins/ml2/vpp.pp @@ -21,10 +21,10 @@ # Defaults to $::os_service_default. # class neutron::plugins::ml2::vpp ( - $etcd_host = $::os_service_default, - $etcd_port = $::os_service_default, - $etcd_user = $::os_service_default, - $etcd_pass = $::os_service_default, + $etcd_host = $::os_service_default, + $etcd_port = $::os_service_default, + $etcd_user = $::os_service_default, + $etcd_pass = $::os_service_default, ) { include ::neutron::deps require ::neutron::plugins::ml2 @@ -33,6 +33,6 @@ class neutron::plugins::ml2::vpp ( 'ml2_vpp/etcd_host': value => $etcd_host; 'ml2_vpp/etcd_port': value => $etcd_port; 'ml2_vpp/etcd_user': value => $etcd_user; - 'ml2_vpp/etcd_pass': value => $etcd_pass; + 'ml2_vpp/etcd_pass': value => $etcd_pass, secret => true; } } diff --git a/manifests/plugins/plumgrid.pp b/manifests/plugins/plumgrid.pp index 28b5bcfb6..39395e47a 100644 --- a/manifests/plugins/plumgrid.pp +++ b/manifests/plugins/plumgrid.pp @@ -170,7 +170,7 @@ class neutron::plugins::plumgrid ( 'database/connection': value => $connection; 'l2gateway/vendor': value => $l2gateway_vendor; 'l2gateway/sw_username': value => $l2gateway_sw_username; - 'l2gateway/sw_password': value => $l2gateway_sw_password; + 'l2gateway/sw_password': value => $l2gateway_sw_password, secret =>true; } neutron_plumlib_plumgrid { @@ -185,7 +185,7 @@ class neutron::plugins::plumgrid ( 'PLUMgridMetadata/nova_metadata_ip': value => $nova_metadata_ip; 'PLUMgridMetadata/nova_metadata_port': value => $nova_metadata_port; 'PLUMgridMetadata/nova_metadata_subnet': value => $nova_metadata_subnet; - 'PLUMgridMetadata/metadata_proxy_shared_secret': value => $metadata_proxy_shared_secret; + 'PLUMgridMetadata/metadata_proxy_shared_secret': value => $metadata_proxy_shared_secret, secret =>true; 'ConnectorType/connector_type': value => $connector_type; } } diff --git a/spec/classes/neutron_agents_l3_spec.rb b/spec/classes/neutron_agents_l3_spec.rb index 19afe0a33..1b40e9348 100644 --- a/spec/classes/neutron_agents_l3_spec.rb +++ b/spec/classes/neutron_agents_l3_spec.rb @@ -7,20 +7,20 @@ describe 'neutron::agents::l3' do end let :default_params do - { :package_ensure => 'present', - :enabled => true, - :debug => false, - :interface_driver => 'neutron.agent.linux.interface.OVSInterfaceDriver', - :ha_enabled => false, - :ha_vrrp_auth_type => 'PASS', - :ha_vrrp_advert_int => '3', - :agent_mode => 'legacy', - :purge_config => false } + { :package_ensure => 'present', + :enabled => true, + :debug => false, + :interface_driver => 'neutron.agent.linux.interface.OVSInterfaceDriver', + :ha_enabled => false, + :ha_vrrp_auth_type => 'PASS', + :ha_vrrp_advert_int => '3', + :agent_mode => 'legacy', + :purge_config => false } end let :test_facts do - { :operatingsystem => 'default', - :operatingsystemrelease => 'default' + { :operatingsystem => 'default', + :operatingsystemrelease => 'default' } end diff --git a/spec/classes/neutron_plugins_ml2_arista_l3_spec.rb b/spec/classes/neutron_plugins_ml2_arista_l3_spec.rb index 4b770d483..530f27a40 100644 --- a/spec/classes/neutron_plugins_ml2_arista_l3_spec.rb +++ b/spec/classes/neutron_plugins_ml2_arista_l3_spec.rb @@ -55,7 +55,7 @@ describe 'neutron::plugins::ml2::arista::l3' do it 'configures ml2 arista l3_arista settings' do is_expected.to contain_neutron_plugin_ml2('l3_arista/primary_l3_host').with_value(params[:primary_l3_host]) is_expected.to contain_neutron_plugin_ml2('l3_arista/primary_l3_host_username').with_value(params[:primary_l3_host_username]) - is_expected.to contain_neutron_plugin_ml2('l3_arista/primary_l3_host_password').with_value(params[:primary_l3_host_password]) + is_expected.to contain_neutron_plugin_ml2('l3_arista/primary_l3_host_password').with_value(params[:primary_l3_host_password]).with_secret(true) end end diff --git a/spec/classes/neutron_plugins_ml2_arista_spec.rb b/spec/classes/neutron_plugins_ml2_arista_spec.rb index 720fab08c..4e557abdc 100644 --- a/spec/classes/neutron_plugins_ml2_arista_spec.rb +++ b/spec/classes/neutron_plugins_ml2_arista_spec.rb @@ -54,7 +54,7 @@ describe 'neutron::plugins::ml2::arista' do it 'configures ml2 arista settings' do is_expected.to contain_neutron_plugin_ml2('ml2_arista/eapi_host').with_value(params[:eapi_host]) is_expected.to contain_neutron_plugin_ml2('ml2_arista/eapi_username').with_value(params[:eapi_username]) - is_expected.to contain_neutron_plugin_ml2('ml2_arista/eapi_password').with_value(params[:eapi_password]) + is_expected.to contain_neutron_plugin_ml2('ml2_arista/eapi_password').with_value(params[:eapi_password]).with_secret(true) end end diff --git a/spec/classes/neutron_plugins_ml2_cisco_nexus1000v_spec.rb b/spec/classes/neutron_plugins_ml2_cisco_nexus1000v_spec.rb index 7a81b4037..81f113eaa 100644 --- a/spec/classes/neutron_plugins_ml2_cisco_nexus1000v_spec.rb +++ b/spec/classes/neutron_plugins_ml2_cisco_nexus1000v_spec.rb @@ -18,19 +18,19 @@ describe 'neutron::plugins::ml2::cisco::nexus1000v' do let :default_params do { - :n1kv_vsm_ip => '10.10.10.10', - :n1kv_vsm_username => 'admin', - :n1kv_vsm_password => 'password', - :default_policy_profile => 'default-pp', - :default_vlan_network_profile => 'default-vlan-np', + :n1kv_vsm_ip => '10.10.10.10', + :n1kv_vsm_username => 'admin', + :n1kv_vsm_password => 'password', + :default_policy_profile => 'default-pp', + :default_vlan_network_profile => 'default-vlan-np', :default_vxlan_network_profile => 'default-vxlan-np', - :poll_duration => '60', - :http_pool_size => '4', - :http_timeout => '15', - :sync_interval => '300', - :max_vsm_retries => '2', - :restrict_policy_profiles => 'False', - :enable_vif_type_n1kv => 'False', + :poll_duration => '60', + :http_pool_size => '4', + :http_timeout => '15', + :sync_interval => '300', + :max_vsm_retries => '2', + :restrict_policy_profiles => 'False', + :enable_vif_type_n1kv => 'False', } end @@ -39,9 +39,9 @@ describe 'neutron::plugins::ml2::cisco::nexus1000v' do end let :test_facts do - { :operatingsystem => 'default', - :operatingsystemrelease => 'default', - :concat_basedir => '/', + { :operatingsystem => 'default', + :operatingsystemrelease => 'default', + :concat_basedir => '/', } end @@ -56,7 +56,7 @@ describe 'neutron::plugins::ml2::cisco::nexus1000v' do it do is_expected.to contain_neutron_plugin_ml2('ml2_cisco_n1kv/n1kv_vsm_ips').with_value(params[:n1kv_vsm_ip]) is_expected.to contain_neutron_plugin_ml2('ml2_cisco_n1kv/username').with_value(params[:n1kv_vsm_username]) - is_expected.to contain_neutron_plugin_ml2('ml2_cisco_n1kv/password').with_value(params[:n1kv_vsm_password]) + is_expected.to contain_neutron_plugin_ml2('ml2_cisco_n1kv/password').with_value(params[:n1kv_vsm_password]).with_secret(true) is_expected.to contain_neutron_plugin_ml2('ml2_cisco_n1kv/default_policy_profile').with_value(params[:default_policy_profile]) is_expected.to contain_neutron_plugin_ml2('ml2_cisco_n1kv/default_vlan_network_profile').with_value(params[:default_vlan_network_profile]) is_expected.to contain_neutron_plugin_ml2('ml2_cisco_n1kv/default_vxlan_network_profile').with_value(params[:default_vxlan_network_profile]) diff --git a/spec/classes/neutron_plugins_ml2_cisco_ucsm_spec.rb b/spec/classes/neutron_plugins_ml2_cisco_ucsm_spec.rb index a6b7215ae..018ef6dcd 100644 --- a/spec/classes/neutron_plugins_ml2_cisco_ucsm_spec.rb +++ b/spec/classes/neutron_plugins_ml2_cisco_ucsm_spec.rb @@ -18,10 +18,10 @@ describe 'neutron::plugins::ml2::cisco::ucsm' do let :default_params do { - :ucsm_ip => '1.1.1.1', - :ucsm_username => 'admin', - :ucsm_password => 'password', - :ucsm_host_list => 'host1:profile1, host2:profile2', + :ucsm_ip => '1.1.1.1', + :ucsm_username => 'admin', + :ucsm_password => 'password', + :ucsm_host_list => 'host1:profile1, host2:profile2', :supported_pci_devs => [ '2222:3333', '4444:5555' ] } end @@ -31,9 +31,9 @@ describe 'neutron::plugins::ml2::cisco::ucsm' do end let :test_facts do - { :operatingsystem => 'default', - :operatingsystemrelease => 'default', - :concat_basedir => '/', + { :operatingsystem => 'default', + :operatingsystemrelease => 'default', + :concat_basedir => '/', } end @@ -48,7 +48,7 @@ describe 'neutron::plugins::ml2::cisco::ucsm' do it do is_expected.to contain_neutron_plugin_ml2('ml2_cisco_ucsm/ucsm_ip').with_value(params[:ucsm_ip]) is_expected.to contain_neutron_plugin_ml2('ml2_cisco_ucsm/ucsm_username').with_value(params[:ucsm_username]) - is_expected.to contain_neutron_plugin_ml2('ml2_cisco_ucsm/ucsm_password').with_value(params[:ucsm_password]) + is_expected.to contain_neutron_plugin_ml2('ml2_cisco_ucsm/ucsm_password').with_value(params[:ucsm_password]).with_secret(true) is_expected.to contain_neutron_plugin_ml2('ml2_cisco_ucsm/ucsm_host_list').with_value(params[:ucsm_host_list]) is_expected.to contain_neutron_plugin_ml2('ml2_cisco_ucsm/supported_pci_devs').with_value(params[:supported_pci_devs]) end diff --git a/spec/classes/neutron_plugins_ml2_fujitsu_cfab_spec.rb b/spec/classes/neutron_plugins_ml2_fujitsu_cfab_spec.rb index c00371767..a5bbaf06d 100644 --- a/spec/classes/neutron_plugins_ml2_fujitsu_cfab_spec.rb +++ b/spec/classes/neutron_plugins_ml2_fujitsu_cfab_spec.rb @@ -18,13 +18,13 @@ describe 'neutron::plugins::ml2::fujitsu::cfab' do let :default_params do { - :address => '192.168.0.1', - :username => 'admin', - :password => 'admin', + :address => '192.168.0.1', + :username => 'admin', + :password => 'admin', :physical_networks => 'physnet1:1,physnet2:2', - :share_pprofile => 'false', - :pprofile_prefix => 'neutron-', - :save_config => 'true', + :share_pprofile => 'false', + :pprofile_prefix => 'neutron-', + :save_config => 'true', } end @@ -33,9 +33,9 @@ describe 'neutron::plugins::ml2::fujitsu::cfab' do end let :test_facts do - { :operatingsystem => 'default', - :operatingsystemrelease => 'default', - :concat_basedir => '/', + { :operatingsystem => 'default', + :operatingsystemrelease => 'default', + :concat_basedir => '/', } end @@ -48,7 +48,7 @@ describe 'neutron::plugins::ml2::fujitsu::cfab' do it do is_expected.to contain_neutron_plugin_ml2('fujitsu_cfab/address').with_value(params[:address]) is_expected.to contain_neutron_plugin_ml2('fujitsu_cfab/username').with_value(params[:username]) - is_expected.to contain_neutron_plugin_ml2('fujitsu_cfab/password').with_value(params[:password]) + is_expected.to contain_neutron_plugin_ml2('fujitsu_cfab/password').with_value(params[:password]).with_secret(true) is_expected.to contain_neutron_plugin_ml2('fujitsu_cfab/physical_networks').with_value(params[:physical_networks]) is_expected.to contain_neutron_plugin_ml2('fujitsu_cfab/share_pprofile').with_value(params[:share_pprofile]) is_expected.to contain_neutron_plugin_ml2('fujitsu_cfab/pprofile_prefix').with_value(params[:pprofile_prefix]) diff --git a/spec/classes/neutron_plugins_ml2_fujitsu_fossw_spec.rb b/spec/classes/neutron_plugins_ml2_fujitsu_fossw_spec.rb index 82d4849f8..e52920f1d 100644 --- a/spec/classes/neutron_plugins_ml2_fujitsu_fossw_spec.rb +++ b/spec/classes/neutron_plugins_ml2_fujitsu_fossw_spec.rb @@ -18,14 +18,14 @@ describe 'neutron::plugins::ml2::fujitsu::fossw' do let :default_params do { - :fossw_ips => '192.168.0.1,192.168.0.2', - :username => 'admin', - :password => 'admin', - :port => 22, - :timeout => 30, - :udp_dest_port => 4789, + :fossw_ips => '192.168.0.1,192.168.0.2', + :username => 'admin', + :password => 'admin', + :port => 22, + :timeout => 30, + :udp_dest_port => 4789, :ovsdb_vlanid_range_min => 2, - :ovsdb_port => 6640, + :ovsdb_port => 6640, } end @@ -34,9 +34,9 @@ describe 'neutron::plugins::ml2::fujitsu::fossw' do end let :test_facts do - { :operatingsystem => 'default', - :operatingsystemrelease => 'default', - :concat_basedir => '/', + { :operatingsystem => 'default', + :operatingsystemrelease => 'default', + :concat_basedir => '/', } end @@ -49,7 +49,7 @@ describe 'neutron::plugins::ml2::fujitsu::fossw' do it do is_expected.to contain_neutron_plugin_ml2('fujitsu_fossw/fossw_ips').with_value(params[:fossw_ips]) is_expected.to contain_neutron_plugin_ml2('fujitsu_fossw/username').with_value(params[:username]) - is_expected.to contain_neutron_plugin_ml2('fujitsu_fossw/password').with_value(params[:password]) + is_expected.to contain_neutron_plugin_ml2('fujitsu_fossw/password').with_value(params[:password]).with_secret(true) is_expected.to contain_neutron_plugin_ml2('fujitsu_fossw/port').with_value(params[:port]) is_expected.to contain_neutron_plugin_ml2('fujitsu_fossw/timeout').with_value(params[:timeout]) is_expected.to contain_neutron_plugin_ml2('fujitsu_fossw/udp_dest_port').with_value(params[:udp_dest_port]) diff --git a/spec/classes/neutron_plugins_ml2_opendaylight_spec.rb b/spec/classes/neutron_plugins_ml2_opendaylight_spec.rb index d5cbfcf8b..56fe08794 100644 --- a/spec/classes/neutron_plugins_ml2_opendaylight_spec.rb +++ b/spec/classes/neutron_plugins_ml2_opendaylight_spec.rb @@ -50,7 +50,7 @@ describe 'neutron::plugins::ml2::opendaylight' do end it 'configures ml2_odl settings' do - is_expected.to contain_neutron_plugin_ml2('ml2_odl/password').with_value(params[:odl_password]) + is_expected.to contain_neutron_plugin_ml2('ml2_odl/password').with_value(params[:odl_password]).with_secret(true) is_expected.to contain_neutron_plugin_ml2('ml2_odl/username').with_value(params[:odl_username]) is_expected.to contain_neutron_plugin_ml2('ml2_odl/url').with_value(params[:odl_url]) is_expected.to contain_neutron_plugin_ml2('ml2_odl/port_binding_controller').with_value(params[:port_binding_controller]) diff --git a/spec/classes/neutron_plugins_ml2_vpp_spec.rb b/spec/classes/neutron_plugins_ml2_vpp_spec.rb index 72bc7da83..fdfe8b68e 100644 --- a/spec/classes/neutron_plugins_ml2_vpp_spec.rb +++ b/spec/classes/neutron_plugins_ml2_vpp_spec.rb @@ -14,8 +14,8 @@ describe 'neutron::plugins::ml2::vpp' do let :default_params do { - :etcd_host => '127.0.0.1', - :etcd_port => 4001, + :etcd_host => '127.0.0.1', + :etcd_port => 4001, } end @@ -41,7 +41,7 @@ describe 'neutron::plugins::ml2::vpp' do is_expected.to contain_neutron_plugin_ml2('ml2_vpp/etcd_host').with_value(params[:etcd_host]) is_expected.to contain_neutron_plugin_ml2('ml2_vpp/etcd_port').with_value(params[:etcd_port]) is_expected.to contain_neutron_plugin_ml2('ml2_vpp/etcd_user').with_value('') - is_expected.to contain_neutron_plugin_ml2('ml2_vpp/etcd_pass').with_value('') + is_expected.to contain_neutron_plugin_ml2('ml2_vpp/etcd_pass').with_value('').with_secret(true) end context 'when enabling etcd authentication' do @@ -51,7 +51,7 @@ describe 'neutron::plugins::ml2::vpp' do end it 'should configure etcd username and password' do is_expected.to contain_neutron_plugin_ml2('ml2_vpp/etcd_user').with_value('admin') - is_expected.to contain_neutron_plugin_ml2('ml2_vpp/etcd_pass').with_value('password') + is_expected.to contain_neutron_plugin_ml2('ml2_vpp/etcd_pass').with_value('password').with_secret(true) end end end diff --git a/spec/classes/neutron_plugins_opencontrail_spec.rb b/spec/classes/neutron_plugins_opencontrail_spec.rb index a0df33bc2..f4f356b37 100644 --- a/spec/classes/neutron_plugins_opencontrail_spec.rb +++ b/spec/classes/neutron_plugins_opencontrail_spec.rb @@ -54,7 +54,7 @@ describe 'neutron::plugins::opencontrail' do is_expected.to contain_neutron_plugin_opencontrail('KEYSTONE/auth_url').with_value(params[:keystone_auth_url]) is_expected.to contain_neutron_plugin_opencontrail('KEYSTONE/admin_user').with_value(params[:keystone_admin_user]) is_expected.to contain_neutron_plugin_opencontrail('KEYSTONE/admin_tenant_name').with_value(params[:keystone_admin_tenant_name]) - is_expected.to contain_neutron_plugin_opencontrail('KEYSTONE/admin_password').with_value(params[:keystone_admin_password]) + is_expected.to contain_neutron_plugin_opencontrail('KEYSTONE/admin_password').with_value(params[:keystone_admin_password]).with_secret(true) is_expected.to contain_neutron_plugin_opencontrail('KEYSTONE/admin_token').with_value(params[:keystone_admin_token]) end diff --git a/spec/classes/neutron_plugins_plumgrid_spec.rb b/spec/classes/neutron_plugins_plumgrid_spec.rb index a2a3c7812..22751bbb1 100644 --- a/spec/classes/neutron_plugins_plumgrid_spec.rb +++ b/spec/classes/neutron_plugins_plumgrid_spec.rb @@ -72,12 +72,12 @@ describe 'neutron::plugins::plumgrid' do is_expected.to contain_neutron_plugin_plumgrid('PLUMgridDirector/director_server').with_value(params[:director_server]) is_expected.to contain_neutron_plugin_plumgrid('PLUMgridDirector/director_server_port').with_value(params[:director_server_port]) is_expected.to contain_neutron_plugin_plumgrid('PLUMgridDirector/username').with_value('') - is_expected.to contain_neutron_plugin_plumgrid('PLUMgridDirector/password').with_value('') + is_expected.to contain_neutron_plugin_plumgrid('PLUMgridDirector/password').with_value('').with_secret(true) is_expected.to contain_neutron_plugin_plumgrid('PLUMgridDirector/servertimeout').with_value(params[:servertimeout]) is_expected.to contain_neutron_plugin_plumgrid('database/connection').with_value(params[:connection]) is_expected.to contain_neutron_plugin_plumgrid('l2gateway/vendor').with_value('') is_expected.to contain_neutron_plugin_plumgrid('l2gateway/sw_username').with_value('') - is_expected.to contain_neutron_plugin_plumgrid('l2gateway/sw_password').with_value('') + is_expected.to contain_neutron_plugin_plumgrid('l2gateway/sw_password').with_value('').with_secret(true) end it 'should perform default configuration of plumgrid plumlib' do @@ -90,7 +90,7 @@ describe 'neutron::plugins::plumgrid' do is_expected.to contain_neutron_plumlib_plumgrid('PLUMgridMetadata/nova_metadata_ip').with_value(params[:nova_metadata_ip]) is_expected.to contain_neutron_plumlib_plumgrid('PLUMgridMetadata/nova_metadata_port').with_value(params[:nova_metadata_port]) is_expected.to contain_neutron_plumlib_plumgrid('PLUMgridMetadata/nova_metadata_subnet').with_value(params[:nova_metadata_subnet]) - is_expected.to contain_neutron_plumlib_plumgrid('PLUMgridMetadata/metadata_proxy_shared_secret').with_value('') + is_expected.to contain_neutron_plumlib_plumgrid('PLUMgridMetadata/metadata_proxy_shared_secret').with_value('').with_secret(true) is_expected.to contain_neutron_plumlib_plumgrid('ConnectorType/connector_type').with_value('distributed') end