Merge pull request #286 from rodjek/gh-283

(#283) Unwrap password in transport object template

Merge pull request #286 from rodjek/gh-283
0b5b39b6 · Jesse Scott · GitHub · 6b5ed922 · 364956f2 · 0b5b39b6
Unverified Commit 0b5b39b6 authored 5 years ago by Jesse Scott Committed by GitHub 5 years ago
--- a/object_templates/transport.erb
+++ b/object_templates/transport.erb
@@ -16,7 +16,7 @@ module Puppet::Transport
      context.debug("Checking connection to #{@connection_info[:host]}:#{@connection_info[:port]}")
      # in a real world implementation, the password would be checked by connecting
      # to the target device or checking that an existing connection is still alive
-      raise 'authentication error' if @connection_info[:password] == 'invalid'
+      raise 'authentication error' if @connection_info[:password].unwrap == 'invalid'
    end
    # Retrieve facts from the target and return in a hash

--- a/object_templates/transport_spec.erb
+++ b/object_templates/transport_spec.erb
@@ -6,11 +6,12 @@ RSpec.describe Puppet::Transport::<%= transport_class %> do
  subject(:transport) { described_class.new(context, connection_info) }
  let(:context) { instance_double('Puppet::ResourceApi::BaseContext', 'context') }
+  let(:password) { 'aih6cu6ohvohpahN' }
  let(:connection_info) do
    {
      host: 'api.example.com',
      user: 'admin',
-      password: 'aih6cu6ohvohpahN',
+      password: Puppet::Pops::Types::PSensitiveType::Sensitive.new(password),
    }
  end
@@ -30,7 +31,7 @@ RSpec.describe Puppet::Transport::<%= transport_class %> do
    end
    context 'with invalid credentials' do
-      let(:connection_info) { super().merge(password: 'invalid') }
+      let(:password) { 'invalid' }
      it 'raises an error' do
        expect { transport.verify(context) }.to raise_error RuntimeError, %r{authentication error}