Is your feature request related to a problem? Please describe.
When creating an issue here on GitHub, the "bug" template requests for the output of --debug, but with a ATTENTION note, that reads:
⚠ ATTENTION: Make sure to remove all sensitive information, such as username, password, credential, subscription ID, etc.
The debug output is long, and manually reviewing it in a text editor and changing all those information to *** or something is a pain; I'm sure it's prohibitive enough for some people to either not include the debug output (making the investigation harder for the team), or have some personal/secret information slip through.
It's also applicable when trying to post problems in Stack Overflow or share with consultancies/third-parties/contractors for troubleshooting purposes.
Describe the solution you'd like
It's clear (or agreeable by a discussion) what information is personal/secret and not safe to share (tenant ID, subscription ID, resource groups name, etc.), so masking them can be scripted.
I'm suggesting a new flag like --debug-masked to be the same as --debug, but, guess what, with secrets being masked!
Describe alternatives you've considered
Opening in a text editor and either skimming through, or by a global "Find and replace", but it's still possible to miss something.
Related command
All
az
commands that support--debug
Is your feature request related to a problem? Please describe.
When creating an issue here on GitHub, the "bug" template requests for the output of
--debug
, but with a ATTENTION note, that reads:The debug output is long, and manually reviewing it in a text editor and changing all those information to
***
or something is a pain; I'm sure it's prohibitive enough for some people to either not include the debug output (making the investigation harder for the team), or have some personal/secret information slip through.It's also applicable when trying to post problems in Stack Overflow or share with consultancies/third-parties/contractors for troubleshooting purposes.
Describe the solution you'd like
It's clear (or agreeable by a discussion) what information is personal/secret and not safe to share (tenant ID, subscription ID, resource groups name, etc.), so masking them can be scripted.
I'm suggesting a new flag like
--debug-masked
to be the same as--debug
, but, guess what, with secrets being masked!Describe alternatives you've considered
Opening in a text editor and either skimming through, or by a global "Find and replace", but it's still possible to miss something.
Additional context
N/A