Correctly pass secrets via environment variables to avoid them being visible in process lists #276
Annotations
9 errors
vendor/bundle/ruby/3.2.0/gems/voxpupuli-acceptance-3.2.0/lib/voxpupuli/acceptance/examples.rb#L4
x509_cert example behaves like the example applies with no errors
Failure/Error: raise CommandFailure, "Host '#{self}' exited with #{result.exit_code} running:\n #{cmdline}\nLast #{@options[:trace_limit]} lines of output were:\n#{result.formatted_output(@options[:trace_limit])}"
Beaker::Host::CommandFailure:
Host 'rocky9-64-puppet7.example.com' exited with 6 running:
puppet apply --verbose --detailed-exitcodes /tmp/apply_manifest_144926398.f5KS3Y.pp
Last 10 lines of output were:
Error: Execution of '/usr/bin/openssl req -new -key /tmp/foo.example.com.key -config /tmp/foo.example.com.cnf -out /tmp/foo.example.com.csr -passin env:CERTIFICATE_PASSIN {:environment=>{"CERTIFICATE_PASSIN"=>"mahje1Qu"}}' returned 1: req: Use -help for summary.
Error: /Stage[main]/Main/Openssl::Certificate::X509[foo.example.com]/X509_request[/tmp/foo.example.com.csr]/ensure: change from 'absent' to 'present' failed: Execution of '/usr/bin/openssl req -new -key /tmp/foo.example.com.key -config /tmp/foo.example.com.cnf -out /tmp/foo.example.com.csr -passin env:CERTIFICATE_PASSIN {:environment=>{"CERTIFICATE_PASSIN"=>"mahje1Qu"}}' returned 1: req: Use -help for summary.
Error: /Stage[main]/Main/Openssl::Certificate::X509[foo.example.com]/X509_request[/tmp/foo.example.com.csr]: Failed to call refresh: Execution of '/usr/bin/openssl req -new -key /tmp/foo.example.com.key -config /tmp/foo.example.com.cnf -out /tmp/foo.example.com.csr -passin env:CERTIFICATE_PASSIN {:environment=>{"CERTIFICATE_PASSIN"=>"mahje1Qu"}}' returned 1: req: Use -help for summary.
Error: /Stage[main]/Main/Openssl::Certificate::X509[foo.example.com]/X509_request[/tmp/foo.example.com.csr]: Execution of '/usr/bin/openssl req -new -key /tmp/foo.example.com.key -config /tmp/foo.example.com.cnf -out /tmp/foo.example.com.csr -passin env:CERTIFICATE_PASSIN {:environment=>{"CERTIFICATE_PASSIN"=>"mahje1Qu"}}' returned 1: req: Use -help for summary.
�[mNotice: /Stage[main]/Main/Openssl::Certificate::X509[foo.example.com]/X509_cert[/tmp/foo.example.com.crt]: Dependency X509_request[/tmp/foo.example.com.csr] has failures: true
Warning: /Stage[main]/Main/Openssl::Certificate::X509[foo.example.com]/X509_cert[/tmp/foo.example.com.crt]: Skipping because of failed dependencies
Warning: /Stage[main]/Main/Openssl::Certificate::X509[foo.example.com]/File[/tmp/foo.example.com.crt]: Skipping because of failed dependencies
Warning: /Stage[main]/Main/Openssl::Certificate::X509[foo.example.com]/File[/tmp/foo.example.com.csr]: Skipping because of failed dependencies
Info: Openssl::Certificate::X509[foo.example.com]: Unscheduling all events on Openssl::Certificate::X509[foo.example.com]
�[mNotice: Applied catalog in 0.05 seconds
Shared Example Group: "an idempotent resource" called from ./vendor/bundle/ruby/3.2.0/gems/voxpupuli-acceptance-3.2.0/lib/voxpupuli/acceptance/examples.rb:14
Shared Example Group: "the example" called from ./spec/acceptance/x509_cert_spec.rb:10
|
vendor/bundle/ruby/3.2.0/gems/voxpupuli-acceptance-3.2.0/lib/voxpupuli/acceptance/examples.rb#L8
x509_cert example behaves like the example applies a second time without changes
Failure/Error: raise CommandFailure, "Host '#{self}' exited with #{result.exit_code} running:\n #{cmdline}\nLast #{@options[:trace_limit]} lines of output were:\n#{result.formatted_output(@options[:trace_limit])}"
Beaker::Host::CommandFailure:
Host 'rocky9-64-puppet7.example.com' exited with 4 running:
puppet apply --verbose --detailed-exitcodes /tmp/apply_manifest_144928335.0I21s9.pp
Last 10 lines of output were:
�[mNotice: Compiled catalog for rocky9-64-puppet7.example.com in environment production in 0.06 seconds
Info: Using environment 'production'
Info: Applying configuration version '1727707770'
Error: Execution of '/usr/bin/openssl req -new -key /tmp/foo.example.com.key -config /tmp/foo.example.com.cnf -out /tmp/foo.example.com.csr -passin env:CERTIFICATE_PASSIN {:environment=>{"CERTIFICATE_PASSIN"=>"mahje1Qu"}}' returned 1: req: Use -help for summary.
Error: /Stage[main]/Main/Openssl::Certificate::X509[foo.example.com]/X509_request[/tmp/foo.example.com.csr]/ensure: change from 'absent' to 'present' failed: Execution of '/usr/bin/openssl req -new -key /tmp/foo.example.com.key -config /tmp/foo.example.com.cnf -out /tmp/foo.example.com.csr -passin env:CERTIFICATE_PASSIN {:environment=>{"CERTIFICATE_PASSIN"=>"mahje1Qu"}}' returned 1: req: Use -help for summary.
�[mNotice: /Stage[main]/Main/Openssl::Certificate::X509[foo.example.com]/X509_cert[/tmp/foo.example.com.crt]: Dependency X509_request[/tmp/foo.example.com.csr] has failures: true
Warning: /Stage[main]/Main/Openssl::Certificate::X509[foo.example.com]/X509_cert[/tmp/foo.example.com.crt]: Skipping because of failed dependencies
Warning: /Stage[main]/Main/Openssl::Certificate::X509[foo.example.com]/File[/tmp/foo.example.com.crt]: Skipping because of failed dependencies
Warning: /Stage[main]/Main/Openssl::Certificate::X509[foo.example.com]/File[/tmp/foo.example.com.csr]: Skipping because of failed dependencies
�[mNotice: Applied catalog in 0.02 seconds
Shared Example Group: "an idempotent resource" called from ./vendor/bundle/ruby/3.2.0/gems/voxpupuli-acceptance-3.2.0/lib/voxpupuli/acceptance/examples.rb:14
Shared Example Group: "the example" called from ./spec/acceptance/x509_cert_spec.rb:10
|
spec/acceptance/x509_cert_spec.rb#L11
x509_cert example behaves like the example is expected to be file and have attributes {:owner => "nobody"}
Failure/Error: it { expect(file('/tmp/foo.example.com.crt')).to be_file.and(have_attributes(owner: 'nobody')) }
expected `File "/tmp/foo.example.com.crt".file?` to be truthy, got false
...and:
expected File "/tmp/foo.example.com.crt" to have attributes {:owner => "nobody"} but had attributes {:owner => ""}
Diff for (have attributes {:owner => "nobody"}):
@@ -1 +1 @@
-:owner => "nobody",
+:owner => "",
Shared Example Group: "the example" called from ./spec/acceptance/x509_cert_spec.rb:10
|
spec/acceptance/x509_cert_spec.rb#L22
x509_cert example behaves like the example is expected to have matching certificate "/tmp/foo.example.com.crt"
Failure/Error: it { expect(x509_private_key('/tmp/foo.example.com.key', passin: 'pass:mahje1Qu')).to have_matching_certificate('/tmp/foo.example.com.crt') }
expected `X509 private key "/tmp/foo.example.com.key".has_matching_certificate?("/tmp/foo.example.com.crt")` to be truthy, got false
Shared Example Group: "the example" called from ./spec/acceptance/x509_cert_spec.rb:10
|
spec/acceptance/x509_cert_spec.rb#L15
x509_cert example behaves like the example X509 certificate "/tmp/foo.example.com.crt" is expected to be certificate
Failure/Error: it { is_expected.to be_certificate }
expected `X509 certificate "/tmp/foo.example.com.crt".certificate?` to be truthy, got false
Shared Example Group: "the example" called from ./spec/acceptance/x509_cert_spec.rb:10
|
spec/acceptance/x509_cert_spec.rb#L16
x509_cert example behaves like the example X509 certificate "/tmp/foo.example.com.crt" is expected to be valid
Failure/Error: it { is_expected.to be_valid }
expected `X509 certificate "/tmp/foo.example.com.crt".valid?` to be truthy, got false
Shared Example Group: "the example" called from ./spec/acceptance/x509_cert_spec.rb:10
|
spec/acceptance/x509_cert_spec.rb#L17
x509_cert example behaves like the example X509 certificate "/tmp/foo.example.com.crt" subject is expected to match without whitespace /C = CH, O = Example.com, CN = foo.example.com/
Failure/Error: its(:subject) { is_expected.to match_without_whitespace(%r{C = CH, O = Example.com, CN = foo.example.com}) }
Actual:
Expected:
C = CH, O = Example.com, CN = foo.example.com
Shared Example Group: "the example" called from ./spec/acceptance/x509_cert_spec.rb:10
|
spec/acceptance/x509_cert_spec.rb#L18
x509_cert example behaves like the example X509 certificate "/tmp/foo.example.com.crt" keylength is expected to eq 1024
Failure/Error: its(:keylength) { is_expected.to eq 1024 }
expected: 1024
got: 0
(compared using ==)
Shared Example Group: "the example" called from ./spec/acceptance/x509_cert_spec.rb:10
|
|
This job failed
Loading