Sensitive key data now hidden in output log

Fixes: #6529
Signed-off-by: Neelaksh Singh <neelaksh48@gmail.com>
(cherry picked from commit d18a9860cde2981bcd71198f152924cc6cf05932)

diff --git a/roles/ceph-client/tasks/create_users_keys.yml b/roles/ceph-client/tasks/create_users_keys.yml
index 4ea7f55cd5c8cca70492b4a11dbdd33dc6027a1f..047246ae1a39a1d329a9e53fdcb4c0c1f8c5d4c1 100644 (file)
--- a/roles/ceph-client/tasks/create_users_keys.yml
+++ b/roles/ceph-client/tasks/create_users_keys.yml
@@ -28,6 +28,7 @@
     - cephx | bool
     - keys | length > 0
     - inventory_hostname == groups.get('_filtered_clients') | first
+  no_log: true
 
 - name: slurp client cephx key(s)
   slurp:
@@ -39,6 +40,7 @@
     - cephx | bool
     - keys | length > 0
     - inventory_hostname == groups.get('_filtered_clients') | first
+  no_log: true
 
 - name: pool related tasks
   when:
@@ -79,3 +81,5 @@
     group: "{{ ceph_uid }}"
   with_items: "{{ hostvars[groups['_filtered_clients'][0]]['slurp_client_keys']['results'] }}"
   when: not item.get('skipped', False)
+  no_log: true
+

diff --git a/roles/ceph-client/tasks/pre_requisite.yml b/roles/ceph-client/tasks/pre_requisite.yml
index 69735237735047975c6b19a62b556d1a688ec8e0..1f144f7766ebeb68adf77f48fb2df281729d56f7 100644 (file)
--- a/roles/ceph-client/tasks/pre_requisite.yml
+++ b/roles/ceph-client/tasks/pre_requisite.yml
@@ -22,4 +22,5 @@
       with_items: "{{ _client_keys.results }}"
       when:
         - item.item.copy_key | bool
+      no_log: true
   when: cephx | bool

diff --git a/roles/ceph-crash/tasks/main.yml b/roles/ceph-crash/tasks/main.yml
index 97f126c71873b8ac62ae47a89a708c22b35f364f..89536f4d575f285b8d86546741ac89d8a8be2203 100644 (file)
--- a/roles/ceph-crash/tasks/main.yml
+++ b/roles/ceph-crash/tasks/main.yml
@@ -50,6 +50,7 @@
         owner: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
         group: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
         mode: "{{ ceph_keyring_permissions }}"
+      no_log: true
 
 - name: start ceph-crash daemon
   when: containerized_deployment | bool

diff --git a/roles/ceph-iscsi-gw/tasks/common.yml b/roles/ceph-iscsi-gw/tasks/common.yml
index eeffbc53ac7e3d05bb1a32798e05d4e048027a5d..ceafd0466ff3ca3fa6c324dbe826733da7514597 100644 (file)
--- a/roles/ceph-iscsi-gw/tasks/common.yml
+++ b/roles/ceph-iscsi-gw/tasks/common.yml
@@ -21,6 +21,7 @@
   when:
     - cephx | bool
     - item.item.copy_key | bool
+  no_log: true
 
 - name: add mgr ip address to trusted list with dashboard - ipv4
   set_fact:

diff --git a/roles/ceph-mds/tasks/common.yml b/roles/ceph-mds/tasks/common.yml
index e41c95468fa08d615fe74799e0de1a4ae0a3213c..48d90d27956f00b59818d2d97f21b4ffe7ed1a83 100644 (file)
--- a/roles/ceph-mds/tasks/common.yml
+++ b/roles/ceph-mds/tasks/common.yml
@@ -33,3 +33,5 @@
   when:
     - cephx | bool
     - item.item.copy_key | bool
+  no_log: true
+

diff --git a/roles/ceph-mgr/tasks/common.yml b/roles/ceph-mgr/tasks/common.yml
index 991330eea495a84f0a5fff6bdd5f679c5cd9d19d..9af64abf97c84e92bf30468c86f7e835d6df8b39 100644 (file)
--- a/roles/ceph-mgr/tasks/common.yml
+++ b/roles/ceph-mgr/tasks/common.yml
@@ -74,6 +74,7 @@
         - cephx | bool
         - item is not skipped
         - item.item.copy_key | bool
+      no_log: true
 
 - name: set mgr key permissions
   file:

diff --git a/roles/ceph-nfs/tasks/main.yml b/roles/ceph-nfs/tasks/main.yml
index b788826e434fcf3cde5f0372ef453c2b17bab6b3..186fb0f529684d3249a2434b39317f8217e515d8 100644 (file)
--- a/roles/ceph-nfs/tasks/main.yml
+++ b/roles/ceph-nfs/tasks/main.yml
@@ -75,6 +75,7 @@
       when:
         - not item.0.get('skipped', False)
         - item.0.item.name == 'client.' + ceph_nfs_ceph_user or item.0.item.name == rgw_client_name
+      no_log: true
 
 - name: include start_nfs.yml
   import_tasks: start_nfs.yml

diff --git a/roles/ceph-nfs/tasks/pre_requisite_container.yml b/roles/ceph-nfs/tasks/pre_requisite_container.yml
index 75e0d1132271aa532dbfda19b165711d6d3009f1..b64301e53d1ef47fcd2283c95f714c2e9278351d 100644 (file)
--- a/roles/ceph-nfs/tasks/pre_requisite_container.yml
+++ b/roles/ceph-nfs/tasks/pre_requisite_container.yml
@@ -32,6 +32,7 @@
       when:
         - cephx | bool
         - item.item.copy_key | bool
+      no_log: true
   when: groups.get(mon_group_name, []) | length > 0
 
 - name: dbus related tasks
@@ -52,4 +53,4 @@
 
     - name: reload dbus configuration
       command: "killall -SIGHUP dbus-daemon"
-  when: ceph_nfs_dynamic_exports | bool
\ No newline at end of file
+  when: ceph_nfs_dynamic_exports | bool

diff --git a/roles/ceph-nfs/tasks/pre_requisite_non_container.yml b/roles/ceph-nfs/tasks/pre_requisite_non_container.yml
index da8298329945f8267d26dcd70132f652cb47999f..1856ce3210ba54c5bef75e3c0822108837c1e5fa 100644 (file)
--- a/roles/ceph-nfs/tasks/pre_requisite_non_container.yml
+++ b/roles/ceph-nfs/tasks/pre_requisite_non_container.yml
@@ -70,6 +70,7 @@
       when:
         - cephx | bool
         - item.item.copy_key | bool
+      no_log: true
 
     - name: nfs object gateway related tasks
       when: nfs_obj_gw | bool

diff --git a/roles/ceph-osd/tasks/common.yml b/roles/ceph-osd/tasks/common.yml
index 989830952f0bdd92043353c4e919c87994b7bcf5..40f01b6c23e30f2a5cd157406d002708ac87d6e6 100644 (file)
--- a/roles/ceph-osd/tasks/common.yml
+++ b/roles/ceph-osd/tasks/common.yml
@@ -35,3 +35,5 @@
     - cephx | bool
     - item is not skipped
     - item.item.copy_key | bool
+  no_log: true
+

diff --git a/roles/ceph-osd/tasks/openstack_config.yml b/roles/ceph-osd/tasks/openstack_config.yml
index 4e1842ec85acdbf9ab22bd8e2ebae498a838099a..52441cf23c7a3823248ba83cf8f6cae1f3605e73 100644 (file)
--- a/roles/ceph-osd/tasks/openstack_config.yml
+++ b/roles/ceph-osd/tasks/openstack_config.yml
@@ -54,6 +54,7 @@
         - "{{ _osp_keys.results }}"
         - "{{ groups[mon_group_name] }}"
       delegate_to: "{{ item.1 }}"
+      no_log: true
   when:
     - cephx | bool
     - openstack_config | bool

diff --git a/roles/ceph-rbd-mirror/tasks/common.yml b/roles/ceph-rbd-mirror/tasks/common.yml
index 5fee414d548a7960a0678299624569e0d3ebbcab..4de1bc7d1957fa3f898ebc21ac90b76dd7c43e21 100644 (file)
--- a/roles/ceph-rbd-mirror/tasks/common.yml
+++ b/roles/ceph-rbd-mirror/tasks/common.yml
@@ -22,6 +22,7 @@
   when:
     - cephx | bool
     - item.item.copy_key | bool
+  no_log: true
 
 - name: create rbd-mirror keyring
   command: >

diff --git a/roles/ceph-rgw/tasks/common.yml b/roles/ceph-rgw/tasks/common.yml
index 873de6903c368051c1cad2525e26fbbbcc6f8bde..a851614070e1474b8420fa84cdbafbbd7c07e7be 100644 (file)
--- a/roles/ceph-rgw/tasks/common.yml
+++ b/roles/ceph-rgw/tasks/common.yml
@@ -32,6 +32,7 @@
     - cephx | bool
     - item is not skipped
     - item.item.copy_key | bool
+  no_log: true
 
 - name: copy SSL certificate & key data to certificate path
   copy: