[pve-devel] [PATCH common 1/1] tools: add extract_sensitive_params

Wolfgang Bumiller w.bumiller at proxmox.com
Thu Dec 3 10:16:19 CET 2020


> On 12/03/2020 9:47 AM Thomas Lamprecht <t.lamprecht at proxmox.com> wrote:
> 
>  
> On 02.12.20 10:21, Dominik Csapak wrote:
> > moved and generalized from pve-storage, since we'll need it
> > in more places
> > 
> > Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
> > ---
> >  src/PVE/Tools.pm | 24 ++++++++++++++++++++++++
> >  1 file changed, 24 insertions(+)
> > 
> > diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm
> > index 4b445ea..bda236a 100644
> > --- a/src/PVE/Tools.pm
> > +++ b/src/PVE/Tools.pm
> > @@ -48,6 +48,7 @@ template_replace
> >  safe_print
> >  trim
> >  extract_param
> > +extract_sensitive_params
> >  file_copy
> >  get_host_arch
> >  O_PATH
> > @@ -807,6 +808,29 @@ sub extract_param {
> >      return $res;
> >  }
> >  
> 
> can we have some short comment about what this does and when/why it can be useful here
> 
> > +sub extract_sensitive_params :prototype($$$) {
> > +    my ($param, $sensitive_list, $delete_list) = @_;
> > +
> > +    my $sensitive;
> 
> I know auto vivification and such things exist, but I'd feel more comfortable
> to set above explicitly to and empty hash {} .
> 
> > +
> > +    my %delete = map { $_ => 1 } ($delete_list || [])->@*;
> > +
> > +    # always extract sensitive keys, so they don't get written to the www-data readable scfg
> 
> not only for scfg anymore, would drop that comment actually completely, that's rather
> something for a method comment (see above)
> 
> > +    for my $opt (@$sensitive_list) {
> > +	# First handle deletions as explicitly setting `undef`, afterwards new values may override
> > +	# it.
> 
> I know this is just copied, but there's no actual reason for setting to undef vs.
> using delete encoded in that comment, it's just merely describing what one sees
> when reading the code anyhow..
> 
> @Wolfgang, you as original author (pve-storage commit 72385de9e23df) why did you
> used undef vs. delete?

The update hooks in pve-storage don't get the deletion-list passed on as parameter,
so I translated into putting `undef` into the parameter list.





More information about the pve-devel mailing list