Closed Bug 791102 Opened 12 years ago Closed 12 years ago

disable puppet's diffs by force

Categories

(mozilla.org Graveyard :: Server Operations, task)

Product:
mozilla.org Graveyard
Component:
Server Operations
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: dustin, Assigned: dustin)

References

Details

Attachments

(1 file)

bug791102.patch
809 bytes, patch
Callek
: review+
Details | Diff | Splinter Review
Pupppet's habit of showing diffs is handy when you want to know what's changed, but it has a nasty way of sending those diffs all the heck over the place - including to the dashboard and, in the event of an error, in email. That's bad. I had a bug filed earlier to try to disable this the "normal" way. But this capability needs to be brutally ripped out of puppet. Jabba suggested wrapping 'puppet' and 'puppetd' to replace --test with the proper set of options; another option is a patch applied to puppet after installation to basically comment out the diff generation.
Blocks: 734123
FWIW I'd highly prefer a way to *manualy* trigger diff generation when doing local testing, eg so it spews to console when I type |puppet agent --test --show-unsafe-diff| or something. But if that is more work than its worth, turning off diff entirely is "ok".
The problem is, when you do that, the diff goes everywhere. So that's the security risk I want to avoid here. We already don't get diffs for timed/startup runs of puppet.
I just added a feature req for the "better" way to do this, btw: https://projects.puppetlabs.com/issues/16412
Hah, this is pretty easy, actually: diff = echo diff_args = DIFFS DISABLED - https://bugzilla.mozilla.org/show_bug.cgi?id=791102
Attached patch bug791102.patchSplinter Review
Attachment #661200 - Flags: review?
Attachment #661200 - Flags: review? → review?(bugspam.Callek)
Comment on attachment 661200 [details] [diff] [review] bug791102.patch Review of attachment 661200 [details] [diff] [review]: ----------------------------------------------------------------- Weirdly hacky looking ;-) but should work
Attachment #661200 - Flags: review?(bugspam.Callek) → review+
Comment on attachment 661200 [details] [diff] [review] bug791102.patch Oh, it's definitely a hack. Checked in.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Product: mozilla.org → mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: