LGTM, thanks. On Fri, Jun 26, 2015 at 10:38 PM, 'Lisa Velden' via ganeti-devel < [email protected]> wrote:
> Raise an OpPrereqError if secret parameters are expected, but missing. > Job retries result in this error. > > Signed-off-by: Lisa Velden <[email protected]> > --- > lib/mcpu.py | 12 ++++++++++++ > src/Ganeti/Constants.hs | 4 ++++ > src/Ganeti/Types.hs | 1 + > 3 files changed, 17 insertions(+) > > diff --git a/lib/mcpu.py b/lib/mcpu.py > index 8134f53..209e859 100644 > --- a/lib/mcpu.py > +++ b/lib/mcpu.py > @@ -276,6 +276,17 @@ def _LockList(names): > return list(names) > > > +def _CheckSecretParameters(op): > + """Check if secret parameters are expected, but missing. > + > + """ > + if hasattr(op, "osparams_secret") and op.osparams_secret: > + for secret_param in op.osparams_secret: > + if op.osparams_secret[secret_param].Get() == constants.REDACTED: > + raise errors.OpPrereqError("Please re-submit secret parameters to > job.", > + errors.ECODE_INVAL) > + > + > class Processor(object): > """Object which runs OpCodes""" > DISPATCH_TABLE = _ComputeDispatchTable() > @@ -687,6 +698,7 @@ class Processor(object): > lu = lu_class(self, op, self.cfg, self.rpc, > self._wconfdcontext, self.wconfd) > lu.wconfdlocks = self.wconfd.Client().ListLocks(self._wconfdcontext) > + _CheckSecretParameters(op) > lu.ExpandNames() > assert lu.needed_locks is not None, "needed_locks not set by LU" > > diff --git a/src/Ganeti/Constants.hs b/src/Ganeti/Constants.hs > index d879cd8..23dc457 100644 > --- a/src/Ganeti/Constants.hs > +++ b/src/Ganeti/Constants.hs > @@ -5262,6 +5262,10 @@ debugModeConfidentialityWarning = > "ALERT: %s started in debug mode.\n\ > \ Private and secret parameters WILL be logged!\n" > > +-- | Use to hide secret parameter value > +redacted :: String > +redacted = Types.redacted > + > -- * Stat dictionary entries > -- > -- The get_file_info RPC returns a number of values as a dictionary, and > the > diff --git a/src/Ganeti/Types.hs b/src/Ganeti/Types.hs > index c9bcd8c..52c30f1 100644 > --- a/src/Ganeti/Types.hs > +++ b/src/Ganeti/Types.hs > @@ -177,6 +177,7 @@ module Ganeti.Types > , Secret(..) > , showSecretJSObject > , revealValInJSObject > + , redacted > , HvParams > , OsParams > , OsParamsPrivate > -- > 2.4.3.573.g4eafbef > > Hrvoje Ribicic Ganeti Engineering Google Germany GmbH Dienerstr. 12, 80331, München Geschäftsführer: Graham Law, Christine Elizabeth Flores Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg
