Correctly pass secrets via environment variables to avoid them being visible in process lists #275
Annotations
7 errors
Run tests:
spec/unit/puppet/provider/x509_request/openssl_spec.rb#L29
The openssl provider for the x509_request type when not forcing key creates a certificate with the proper options
Failure/Error: openssl options, environment: env
#<Puppet::Type::X509_request::ProviderOpenssl (class)> received :openssl with unexpected arguments
expected: (["req", "-new", "-key", "/tmp/foo.key", "-config", "/tmp/foo.cnf", "-out", "/tmp/foo.csr"])
got: (["req", "-new", "-key", "/tmp/foo.key", "-config", "/tmp/foo.cnf", "-out", "/tmp/foo.csr"], {:environment=>{}})
Diff:
@@ -5,5 +5,6 @@
"-config",
"/tmp/foo.cnf",
"-out",
- "/tmp/foo.csr"]]
+ "/tmp/foo.csr"],
+ {:environment=>{}}]
|
Run tests:
spec/unit/puppet/provider/x509_request/openssl_spec.rb#L41
The openssl provider for the x509_request type when using password creates a certificate with the proper options
Failure/Error: openssl options, environment: env
#<Puppet::Type::X509_request::ProviderOpenssl (class)> received :openssl with unexpected arguments
expected: (["req", "-new", "-key", "/tmp/foo.key", "-config", "/tmp/foo.cnf", "-out", "/tmp/foo.csr", ["-passin", "pass:2x6${"]])
got: (["req", "-new", "-key", "/tmp/foo.key", "-config", "/tmp/foo.cnf", "-out", "/tmp/foo.csr", ["-passin", "env:CERTIFICATE_PASSIN"]], {:environment=>{"CERTIFICATE_PASSIN"=>"2x6${"}})
Diff:
@@ -6,5 +6,6 @@
"/tmp/foo.cnf",
"-out",
"/tmp/foo.csr",
- ["-passin", "pass:2x6${"]]]
+ ["-passin", "env:CERTIFICATE_PASSIN"]],
+ {:environment=>{"CERTIFICATE_PASSIN"=>"2x6${"}}]
|
Run tests:
spec/unit/puppet/provider/x509_cert/openssl_spec.rb#L33
The openssl provider for the x509_cert type when not forcing key creates a certificate with the proper options
Failure/Error: openssl options, environment: env
#<Puppet::Type::X509_cert::ProviderOpenssl (class)> received :openssl with unexpected arguments
expected: (["req", "-config", "/tmp/foo.cnf", "-new", "-x509", "-days", 3650, "-key", "/tmp/foo.key", "-out", "/tmp/foo.crt", ["-extensions", "v3_req"]])
got: (["req", "-config", "/tmp/foo.cnf", "-new", "-x509", "-days", 3650, "-key", "/tmp/foo.key", "-out", "/tmp/foo.crt", ["-extensions", "v3_req"]], {:environment=>{}})
|
Run tests:
spec/unit/puppet/provider/x509_cert/openssl_spec.rb#L48
The openssl provider for the x509_cert type when not forcing key when using password creates a certificate with the proper options
Failure/Error: openssl options, environment: env
#<Puppet::Type::X509_cert::ProviderOpenssl (class)> received :openssl with unexpected arguments
expected: (["req", "-config", "/tmp/foo.cnf", "-new", "-x509", "-days", 3650, "-key", "/tmp/foo.key", "-out", "/tmp/foo.crt", ["-passin", "pass:2x6${"], ["-extensions", "v3_req"]])
got: (["req", "-config", "/tmp/foo.cnf", "-new", "-x509", "-days", 3650, "-key", "/tmp/foo.key", "-out", "/tmp/foo.crt", ["-passin", "env:CERTIFICATE_PASSIN"], ["-extensions", "v3_req"]], {:environment=>{"CERTIFICATE_PASSIN"=>"2x6${"}})
|
Run tests:
spec/unit/puppet/provider/x509_cert/openssl_spec.rb#L67
The openssl provider for the x509_cert type when using a CA for signing creates a certificate with the proper options
Failure/Error: openssl options, environment: env
#<Puppet::Type::X509_cert::ProviderOpenssl (class)> received :openssl with unexpected arguments
expected: (["x509", "-req", "-days", 3650, "-in", "/tmp/foo.csr", "-out", "/tmp/foo.crt", ["-extfile", "/tmp/foo...reateserial"], ["-CA", "/tmp/foo-ca.crt"], ["-CAkey", "/tmp/foo-ca.key"], ["-extensions", "v3_req"]])
got: (["x509", "-req", "-days", 3650, "-in", "/tmp/foo.csr", "-out", "/tmp/foo.crt", ["-extfile", "/tmp/foo...reateserial"], ["-CA", "/tmp/foo-ca.crt"], ["-CAkey", "/tmp/foo-ca.key"], ["-extensions", "v3_req"]], {:environment=>{}})
|
Run tests:
spec/unit/puppet/provider/x509_cert/openssl_spec.rb#L88
The openssl provider for the x509_cert type when using a CA for signing with a password creates a certificate with the proper options
Failure/Error: openssl options, environment: env
#<Puppet::Type::X509_cert::ProviderOpenssl (class)> received :openssl with unexpected arguments
expected: (["x509", "-req", "-days", 3650, "-in", "/tmp/foo.csr", "-out", "/tmp/foo.crt", ["-extfile", "/tmp/foo...p/foo-ca.crt"], ["-CAkey", "/tmp/foo-ca.key"], ["-passin", "pass:5i;6%"], ["-extensions", "v3_req"]])
got: (["x509", "-req", "-days", 3650, "-in", "/tmp/foo.csr", "-out", "/tmp/foo.crt", ["-extfile", "/tmp/foo..."], ["-CAkey", "/tmp/foo-ca.key"], ["-passin", "env:CERTIFICATE_PASSIN"], ["-extensions", "v3_req"]], {:environment=>{"CERTIFICATE_PASSIN"=>"5i;6%"}})
|
Run tests
Process completed with exit code 1.
|
Loading