From 8529eaa97d1fc640c42cd55ac3954a2125840f77 Mon Sep 17 00:00:00 2001
From: ZhongShengping <chdzsp@163.com>
Date: Tue, 28 Mar 2017 17:36:43 +0800
Subject: [PATCH] Password should be secured

Change-Id: Iee879506b769294639b80a1ba64e93ae3a37ae0a
Closes-Bug: #1676708
---
 manifests/backend/netapp.pp                   | 30 +++++++++----------
 manifests/compute/nova.pp                     | 16 +++++-----
 manifests/network/neutron.pp                  |  3 +-
 manifests/share/hitachi_hnas.pp               |  1 -
 manifests/share/netapp.pp                     | 25 ++++++++--------
 manifests/volume/cinder.pp                    | 18 +++++------
 .../classes/manila_share_hitachi_hnas_spec.rb | 14 ++++-----
 7 files changed, 52 insertions(+), 55 deletions(-)

diff --git a/manifests/backend/netapp.pp b/manifests/backend/netapp.pp
index 2f579e46..d87ac86c 100644
--- a/manifests/backend/netapp.pp
+++ b/manifests/backend/netapp.pp
@@ -98,26 +98,26 @@
 #    netapp_storage_family        => 'ontap_cluster',
 #    netapp_transport_type        => 'https',
 #  }
-
+#
 define manila::backend::netapp (
   $driver_handles_share_servers,
   $netapp_login,
   $netapp_password,
   $netapp_server_hostname,
-  $share_backend_name                    = $name,
-  $netapp_transport_type                 = 'http',
-  $netapp_storage_family                 = 'ontap_cluster',
-  $netapp_server_port                    = undef,
-  $netapp_volume_name_template           = 'share_%(share_id)s',
-  $netapp_vserver                        = undef,
-  $netapp_vserver_name_template          = 'os_%s',
-  $netapp_lif_name_template              = 'os_%(net_allocation_id)s',
-  $netapp_aggregate_name_search_pattern  = '(.*)',
-  $netapp_root_volume_aggregate          = undef,
-  $netapp_root_volume_name               = 'root',
-  $netapp_port_name_search_pattern       = '(.*)',
-  $netapp_trace_flags                    = undef,
-  $package_ensure                        = 'present',
+  $share_backend_name                   = $name,
+  $netapp_transport_type                = 'http',
+  $netapp_storage_family                = 'ontap_cluster',
+  $netapp_server_port                   = undef,
+  $netapp_volume_name_template          = 'share_%(share_id)s',
+  $netapp_vserver                       = undef,
+  $netapp_vserver_name_template         = 'os_%s',
+  $netapp_lif_name_template             = 'os_%(net_allocation_id)s',
+  $netapp_aggregate_name_search_pattern = '(.*)',
+  $netapp_root_volume_aggregate         = undef,
+  $netapp_root_volume_name              = 'root',
+  $netapp_port_name_search_pattern      = '(.*)',
+  $netapp_trace_flags                   = undef,
+  $package_ensure                       = 'present',
 ) {
 
   include ::manila::deps
diff --git a/manifests/compute/nova.pp b/manifests/compute/nova.pp
index bd2025b8..ca1b8213 100644
--- a/manifests/compute/nova.pp
+++ b/manifests/compute/nova.pp
@@ -51,13 +51,13 @@ class manila::compute::nova (
 ) {
 
 manila_config {
-  'DEFAULT/nova_catalog_info':        value => $nova_catalog_info;
-  'DEFAULT/nova_catalog_admin_info':  value => $nova_catalog_admin_info;
-  'DEFAULT/nova_ca_certificates_file':value => $nova_ca_certificates_file;
-  'DEFAULT/nova_api_insecure':        value => $nova_api_insecure;
-  'DEFAULT/nova_admin_username':      value => $nova_admin_username;
-  'DEFAULT/nova_admin_password':      value => $nova_admin_password;
-  'DEFAULT/nova_admin_tenant_name':   value => $nova_admin_tenant_name;
-  'DEFAULT/nova_admin_auth_url':      value => $nova_admin_auth_url;
+  'DEFAULT/nova_catalog_info':         value => $nova_catalog_info;
+  'DEFAULT/nova_catalog_admin_info':   value => $nova_catalog_admin_info;
+  'DEFAULT/nova_ca_certificates_file': value => $nova_ca_certificates_file;
+  'DEFAULT/nova_api_insecure':         value => $nova_api_insecure;
+  'DEFAULT/nova_admin_username':       value => $nova_admin_username;
+  'DEFAULT/nova_admin_password':       value => $nova_admin_password, secret => true;
+  'DEFAULT/nova_admin_tenant_name':    value => $nova_admin_tenant_name;
+  'DEFAULT/nova_admin_auth_url':       value => $nova_admin_auth_url;
   }
 }
diff --git a/manifests/network/neutron.pp b/manifests/network/neutron.pp
index ff685eb0..6ff81579 100644
--- a/manifests/network/neutron.pp
+++ b/manifests/network/neutron.pp
@@ -36,7 +36,6 @@
 # (optional) Location of ca certificates file to use for
 # neutron client requests.
 #
-
 class manila::network::neutron (
   $neutron_url                  = 'http://127.0.0.1:9696',
   $neutron_url_timeout          = 30,
@@ -57,7 +56,7 @@ class manila::network::neutron (
     'DEFAULT/neutron_url':                  value => $neutron_url;
     'DEFAULT/neutron_url_timeout':          value => $neutron_url_timeout;
     'DEFAULT/neutron_admin_username':       value => $neutron_admin_username;
-    'DEFAULT/neutron_admin_password':       value => $neutron_admin_password;
+    'DEFAULT/neutron_admin_password':       value => $neutron_admin_password, secret => true;
     'DEFAULT/neutron_admin_tenant_name':    value => $neutron_admin_tenant_name;
     'DEFAULT/neutron_region_name':          value => $neutron_region_name;
     'DEFAULT/neutron_admin_auth_url':       value => $neutron_admin_auth_url;
diff --git a/manifests/share/hitachi_hnas.pp b/manifests/share/hitachi_hnas.pp
index a95e99dd..42a05e7f 100644
--- a/manifests/share/hitachi_hnas.pp
+++ b/manifests/share/hitachi_hnas.pp
@@ -44,7 +44,6 @@
 #    hitachi_hnas_file_system_name => 'FS-Manila',
 #  }
 #
-
 class manila::share::hitachi_hnas (
     $hitachi_hnas_username,
     $hitachi_hnas_password,
diff --git a/manifests/share/netapp.pp b/manifests/share/netapp.pp
index a89e0f8a..7c1659a3 100644
--- a/manifests/share/netapp.pp
+++ b/manifests/share/netapp.pp
@@ -89,24 +89,23 @@
 #    netapp_transport_type        => 'https',
 #  }
 #
-
 class manila::share::netapp (
     $driver_handles_share_servers,
     $netapp_login,
     $netapp_password,
     $netapp_server_hostname,
-    $netapp_transport_type                 = 'http',
-    $netapp_storage_family                 = 'ontap_cluster',
-    $netapp_server_port                    = undef,
-    $netapp_volume_name_template           = 'share_%(share_id)s',
-    $netapp_vserver                        = undef,
-    $netapp_vserver_name_template          = 'os_%s',
-    $netapp_lif_name_template              = 'os_%(net_allocation_id)s',
-    $netapp_aggregate_name_search_pattern  = '(.*)',
-    $netapp_root_volume_aggregate          = undef,
-    $netapp_root_volume_name               = 'root',
-    $netapp_port_name_search_pattern       = '(.*)',
-    $netapp_trace_flags                    = undef,
+    $netapp_transport_type                = 'http',
+    $netapp_storage_family                = 'ontap_cluster',
+    $netapp_server_port                   = undef,
+    $netapp_volume_name_template          = 'share_%(share_id)s',
+    $netapp_vserver                       = undef,
+    $netapp_vserver_name_template         = 'os_%s',
+    $netapp_lif_name_template             = 'os_%(net_allocation_id)s',
+    $netapp_aggregate_name_search_pattern = '(.*)',
+    $netapp_root_volume_aggregate         = undef,
+    $netapp_root_volume_name              = 'root',
+    $netapp_port_name_search_pattern      = '(.*)',
+    $netapp_trace_flags                   = undef,
 ) {
 
   manila::backend::netapp { 'DEFAULT':
diff --git a/manifests/volume/cinder.pp b/manifests/volume/cinder.pp
index 7a71d70b..08b0ea32 100644
--- a/manifests/volume/cinder.pp
+++ b/manifests/volume/cinder.pp
@@ -45,15 +45,15 @@
 #   Defaults to 'http://localhost:5000/v2.0'
 #
 class manila::volume::cinder (
-  $cinder_catalog_info = 'volume:cinder:publicURL',
+  $cinder_catalog_info         = 'volume:cinder:publicURL',
   $cinder_ca_certificates_file = undef,
-  $cinder_http_retries = 3,
-  $cinder_api_insecure = false,
-  $cinder_cross_az_attach = true,
-  $cinder_admin_username = 'cinder',
-  $cinder_admin_password = undef,
-  $cinder_admin_tenant_name = 'service',
-  $cinder_admin_auth_url = 'http://localhost:5000/v2.0',
+  $cinder_http_retries         = 3,
+  $cinder_api_insecure         = false,
+  $cinder_cross_az_attach      = true,
+  $cinder_admin_username       = 'cinder',
+  $cinder_admin_password       = undef,
+  $cinder_admin_tenant_name    = 'service',
+  $cinder_admin_auth_url       = 'http://localhost:5000/v2.0',
 ) {
 
 manila_config {
@@ -63,7 +63,7 @@ manila_config {
   'DEFAULT/cinder_api_insecure':          value => $cinder_api_insecure;
   'DEFAULT/cinder_cross_az_attach':       value => $cinder_cross_az_attach;
   'DEFAULT/cinder_admin_username':        value => $cinder_admin_username;
-  'DEFAULT/cinder_admin_password':        value => $cinder_admin_password;
+  'DEFAULT/cinder_admin_password':        value => $cinder_admin_password, secret => true;
   'DEFAULT/cinder_admin_tenant_name':     value => $cinder_admin_tenant_name;
   'DEFAULT/cinder_admin_auth_url':        value => $cinder_admin_auth_url;
   }
diff --git a/spec/classes/manila_share_hitachi_hnas_spec.rb b/spec/classes/manila_share_hitachi_hnas_spec.rb
index ce779b54..68c30730 100644
--- a/spec/classes/manila_share_hitachi_hnas_spec.rb
+++ b/spec/classes/manila_share_hitachi_hnas_spec.rb
@@ -4,13 +4,13 @@ describe 'manila::share::hitachi_hnas' do
 
   let :params do
     {
-      :driver_handles_share_servers        => false,
-      :hitachi_hnas_ip                     => '172.24.44.15',
-      :hitachi_hnas_username               => 'supervisor',
-      :hitachi_hnas_password               => 'supervisor',
-      :hitachi_hnas_evs_id                 => '1',
-      :hitachi_hnas_evs_ip                 => ' 172.24.53.1',
-      :hitachi_hnas_file_system_name       => 'FS-Manila',
+      :driver_handles_share_servers  => false,
+      :hitachi_hnas_ip               => '172.24.44.15',
+      :hitachi_hnas_username         => 'supervisor',
+      :hitachi_hnas_password         => 'supervisor',
+      :hitachi_hnas_evs_id           => '1',
+      :hitachi_hnas_evs_ip           => ' 172.24.53.1',
+      :hitachi_hnas_file_system_name => 'FS-Manila',
     }
   end