config api/plugins: let plugins define sensitive properties themselves

Hard-coding a list of sensitive properties means that custom plugins
cannot define their own sensitive properties for the on_add/on_update
hooks.

Have plugins declare the list of their sensitive properties in the
plugin data. For backwards compatibility, return the previously
hard-coded list if no such declaration is present.

Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Tested-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Reviewed-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Link: https://lore.proxmox.com/20250404133204.239783-6-f.ebner@proxmox.com

src/PVE/API2/Storage/Config.pm

@@ -190,8 +190,6 @@ __PACKAGE__->register_method ({
 	return &$api_storage_config($cfg, $param->{storage});
     }});
 
-my $sensitive_params = [qw(password encryption-key master-pubkey keyring)];
-
 __PACKAGE__->register_method ({
     name => 'create',
     protected => 1,
@@ -239,6 +237,7 @@ __PACKAGE__->register_method ({
 	# fix me in section config create never need an empty entity.
 	delete $param->{nodes} if !$param->{nodes};
 
+	my $sensitive_params = PVE::Storage::Plugin::sensitive_properties($type);
 	my $sensitive = extract_sensitive_params($param, $sensitive_params, []);
 
 	my $plugin = PVE::Storage::Plugin->lookup($type);
@@ -344,6 +343,7 @@ __PACKAGE__->register_method ({
 	    my $scfg = PVE::Storage::storage_config($cfg, $storeid);
 	    $type = $scfg->{type};
 
+	    my $sensitive_params = PVE::Storage::Plugin::sensitive_properties($type);
 	    my $sensitive = extract_sensitive_params($param, $sensitive_params, $delete);
 
 	    my $plugin = PVE::Storage::Plugin->lookup($type);

src/PVE/Storage/BTRFSPlugin.pm

@@ -45,6 +45,7 @@ sub plugindata {
 	    { images => 1, rootdir => 1 },
 	],
 	format => [ { raw => 1, subvol => 1 }, 'raw', ],
+	'sensitive-properties' => {},
     };
 }
 

src/PVE/Storage/CIFSPlugin.pm

@@ -101,6 +101,7 @@ sub plugindata {
 	content => [ { images => 1, rootdir => 1, vztmpl => 1, iso => 1,
 		   backup => 1, snippets => 1, import => 1}, { images => 1 }],
 	format => [ { raw => 1, qcow2 => 1, vmdk => 1 } , 'raw' ],
+	'sensitive-properties' => { password => 1 },
     };
 }
 

src/PVE/Storage/CephFSPlugin.pm

@@ -118,6 +118,7 @@ sub plugindata {
     return {
 	content => [ { vztmpl => 1, iso => 1, backup => 1, snippets => 1, import => 1 },
 		     { backup => 1 }],
+	'sensitive-properties' => { keyring => 1 },
     };
 }
 

src/PVE/Storage/DirPlugin.pm

@@ -26,6 +26,7 @@ sub plugindata {
 	content => [ { images => 1, rootdir => 1, vztmpl => 1, iso => 1, backup => 1, snippets => 1, none => 1, import => 1 },
 		     { images => 1,  rootdir => 1 }],
 	format => [ { raw => 1, qcow2 => 1, vmdk => 1, subvol => 1 } , 'raw' ],
+	'sensitive-properties' => {},
     };
 }
 

src/PVE/Storage/ESXiPlugin.pm

@@ -31,6 +31,7 @@ sub plugindata {
     return {
 	content => [ { import => 1 }, { import => 1 }],
 	format => [ { raw => 1, qcow2 => 1, vmdk => 1 } , 'raw' ],
+	'sensitive-properties' => { password => 1 },
     };
 }
 

src/PVE/Storage/GlusterfsPlugin.pm

@@ -100,6 +100,7 @@ sub plugindata {
 	content => [ { images => 1, vztmpl => 1, iso => 1, backup => 1, snippets => 1, import => 1},
 		     { images => 1 }],
 	format => [ { raw => 1, qcow2 => 1, vmdk => 1 } , 'raw' ],
+	'sensitive-properties' => {},
     };
 }
 

src/PVE/Storage/ISCSIDirectPlugin.pm

@@ -60,6 +60,7 @@ sub plugindata {
     return {
 	content => [ {images => 1, none => 1}, { images => 1 }],
 	select_existing => 1,
+	'sensitive-properties' => {},
     };
 }
 

src/PVE/Storage/ISCSIPlugin.pm

@@ -305,6 +305,7 @@ sub plugindata {
     return {
 	content => [ {images => 1, none => 1}, { images => 1 }],
 	select_existing => 1,
+	'sensitive-properties' => {},
     };
 }
 

src/PVE/Storage/LVMPlugin.pm

@@ -218,6 +218,7 @@ sub type {
 sub plugindata {
     return {
 	content => [ {images => 1, rootdir => 1}, { images => 1 }],
+	'sensitive-properties' => {},
     };
 }
 

src/PVE/Storage/LvmThinPlugin.pm

@@ -31,6 +31,7 @@ sub type {
 sub plugindata {
     return {
 	content => [ {images => 1, rootdir => 1}, { images => 1, rootdir => 1}],
+	'sensitive-properties' => {},
     };
 }
 

src/PVE/Storage/NFSPlugin.pm

@@ -56,6 +56,7 @@ sub plugindata {
 	content => [ { images => 1, rootdir => 1, vztmpl => 1, iso => 1, backup => 1, snippets => 1, import => 1 },
 		     { images => 1 }],
 	format => [ { raw => 1, qcow2 => 1, vmdk => 1 } , 'raw' ],
+	'sensitive-properties' => {},
     };
 }   
 

src/PVE/Storage/PBSPlugin.pm

@@ -30,6 +30,11 @@ sub type {
 sub plugindata {
     return {
 	content => [ {backup => 1, none => 1}, { backup => 1 }],
+	'sensitive-properties' => {
+	    'encryption-key' => 1,
+	    'master-pubkey' => 1,
+	    password => 1,
+	},
     };
 }
 

src/PVE/Storage/Plugin.pm

@@ -245,6 +245,18 @@ sub dirs_hash_to_string {
     return join(',', map { "$_=$hash->{$_}" } sort keys %$hash);
 }
 
+sub sensitive_properties {
+    my ($type) = @_;
+
+    my $data = $defaultData->{plugindata}->{$type};
+    if (my $sensitive_properties = $data->{'sensitive-properties'}) {
+	return [sort keys $sensitive_properties->%*];
+    }
+
+    # For backwards compatibility. This list was hardcoded in the API module previously.
+    return [qw(encryption-key keyring master-pubkey password)];
+}
+
 sub storage_has_feature {
     my ($type, $feature) = @_;
 

src/PVE/Storage/RBDPlugin.pm

@@ -380,6 +380,7 @@ sub type {
 sub plugindata {
     return {
 	content => [ {images => 1, rootdir => 1}, { images => 1 }],
+	'sensitive-properties' => { keyring => 1 },
     };
 }
 

src/PVE/Storage/ZFSPlugin.pm

@@ -175,6 +175,7 @@ sub type {
 sub plugindata {
     return {
 	content => [ {images => 1}, { images => 1 }],
+	'sensitive-properties' => {},
     };
 }
 

src/PVE/Storage/ZFSPoolPlugin.pm

@@ -22,6 +22,7 @@ sub plugindata {
     return {
 	content => [ {images => 1, rootdir => 1}, {images => 1 , rootdir => 1}],
 	format => [ { raw => 1, subvol => 1 } , 'raw' ],
+	'sensitive-properties' => {},
     };
 }