search

Venafi / ansible-role-venafi

(END-OF-LIFE) Ansible Role that uses Venafi to streamline machine identity (certificate and key) acquisition.
Apache License 2.0
14 stars 8 forks source link

Credentials get logged when Ansible playbook is run in verbose mode #11

Closed sitaramkm closed 4 years ago

sitaramkm commented 4 years ago

PROBLEM SUMMARY When Ansible playbook is run in verbose mode credentials get logged.

STEPS TO REPRODUCE Run the Ansible playbook using Venafi Ansible Role. This is without using Ansible Vault to encrypt credentials.
ansible-playbook -vvv sample.yml

EXPECTED RESULTS The contents of credentials.yml should not be logged.

ACTUAL RESULTS Contents of credentials.yml gets logged

ENVIRONMENT DETAILS Latest venafi Ansible Role from Ansible Galaxy vcert += 0.6.7

COMMENTS/WORKAROUNDS Workaround is always use Ansible Vault to encrypt credentials file.

arykalin commented 4 years ago

Added no_log to the credentials facts