ceph-volume: do not print the secret of osd keyring

during osd preparation, ceph-volume logs the secret of the osd keyring to file
```
[2022-06-15 12:31:17,466][ceph_volume.process][INFO  ] Running command: /usr/bin/ceph-authtool /var/lib/ceph/osd/ceph-0/keyring --create-keyring --name osd.0 --add-key AQAM0aliR5JvDRAAQBu0stWl9ZhZrcjijg2BIQ==
[2022-06-15 12:31:17,481][ceph_volume.process][INFO  ] stdout creating /var/lib/ceph/osd/ceph-0/keyring
added entity osd.0 auth(key=AQAM0aliR5JvDRAAQBu0stWl9ZhZrcjijg2BIQ==)
```

This shouldn't be logged nor printed on terminal.

Fixes: https://tracker.ceph.com/issues/56071
Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 4b9cc6b303588e0c44443debe4f04c6160adf5a2)

diff --git a/src/ceph-volume/ceph_volume/util/prepare.py b/src/ceph-volume/ceph_volume/util/prepare.py
index df6d8c70401ca13cd421c2f2439af1f8f4f79455..ff7427eedd207bd7782655bc7be147ea71184012 100644 (file)
--- a/src/ceph-volume/ceph_volume/util/prepare.py
+++ b/src/ceph-volume/ceph_volume/util/prepare.py
@@ -19,7 +19,8 @@ mlogger = terminal.MultiLogger(__name__)
 def create_key():
     stdout, stderr, returncode = process.call(
         ['ceph-authtool', '--gen-print-key'],
-        show_command=True)
+        show_command=True,
+        logfile_verbose=False)
     if returncode != 0:
         raise RuntimeError('Unable to generate a new auth key')
     return ' '.join(stdout).strip()
@@ -40,13 +41,15 @@ def write_keyring(osd_id, secret, keyring_name='keyring', name=None):
     """
     osd_keyring = '/var/lib/ceph/osd/%s-%s/%s' % (conf.cluster, osd_id, keyring_name)
     name = name or 'osd.%s' % str(osd_id)
-    process.run(
+    mlogger.info(f'Creating keyring file for {name}')
+    process.call(
         [
             'ceph-authtool', osd_keyring,
             '--create-keyring',
             '--name', name,
             '--add-key', secret
-        ])
+        ],
+        logfile_verbose=False)
     system.chown(osd_keyring)