Sensitive key data now hidden in output log

author Neelaksh Singh <neelaksh48@gmail.com>

Thu, 20 May 2021 06:04:02 +0000 (02:04 -0400)

committer Guillaume Abrioux <gabrioux@redhat.com>

Fri, 9 Jul 2021 14:03:02 +0000 (16:03 +0200)
author Neelaksh Singh <neelaksh48@gmail.com>
Thu, 20 May 2021 06:04:02 +0000 (02:04 -0400)
committer Guillaume Abrioux <gabrioux@redhat.com>
Fri, 9 Jul 2021 14:03:02 +0000 (16:03 +0200)
diff --git a/roles/ceph-client/tasks/create_users_keys.yml b/roles/ceph-client/tasks/create_users_keys.yml

index a754d9803c4af5dee6e7086ca831b47fd223ae20..c9512175cd2cf37085ef3e118d25e286fa468bea 100644 (file)
--- a/roles/ceph-client/tasks/create_users_keys.yml
+++ b/roles/ceph-client/tasks/create_users_keys.yml
@@ -39,6 +39,7 @@
      - cephx | bool
      - keys | length > 0
      - inventory_hostname == groups.get('_filtered_clients') | first
+  no_log: true
  
  - name: slurp client cephx key(s)
    slurp:
@@ -50,6 +51,7 @@
      - cephx | bool
      - keys | length > 0
      - inventory_hostname == groups.get('_filtered_clients') | first
+  no_log: true
  
  - name: pool related tasks
    when:
@@ -90,3 +92,5 @@
      group: "{{ ceph_uid }}"
    with_items: "{{ hostvars[groups['_filtered_clients'][0]]['slurp_client_keys']['results'] }}"
    when: not item.get('skipped', False)
+  no_log: true
+
diff --git a/roles/ceph-client/tasks/pre_requisite.yml b/roles/ceph-client/tasks/pre_requisite.yml

index 512bbd8fcf351bb5359888690f09ac60e27dd495..e928c664be91bd822fcaa28c583e77377f55d465 100644 (file)
--- a/roles/ceph-client/tasks/pre_requisite.yml
+++ b/roles/ceph-client/tasks/pre_requisite.yml
@@ -21,6 +21,7 @@
          owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
          group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
          mode: "{{ ceph_keyring_permissions }}"
+      no_log: true
    when:
      - cephx | bool
      - copy_admin_key | bool
diff --git a/roles/ceph-crash/tasks/main.yml b/roles/ceph-crash/tasks/main.yml

index 4d6d247d195dbedcb065b03f2eae4a375f4afdba..9723b2477def4f49d7f93205378bf002a651e4c2 100644 (file)
--- a/roles/ceph-crash/tasks/main.yml
+++ b/roles/ceph-crash/tasks/main.yml
@@ -40,6 +40,7 @@
          owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
          group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
          mode: "{{ ceph_keyring_permissions }}"
+      no_log: true
  
  - name: start ceph-crash daemon
    when: containerized_deployment | bool
diff --git a/roles/ceph-iscsi-gw/tasks/common.yml b/roles/ceph-iscsi-gw/tasks/common.yml

index 0170d4929ad185972674cd9e7f251ce1a8dc515f..b43c0e02d117b57090b5a3f7c4442640c507c0b7 100644 (file)
--- a/roles/ceph-iscsi-gw/tasks/common.yml
+++ b/roles/ceph-iscsi-gw/tasks/common.yml
@@ -25,6 +25,7 @@
    when:
      - cephx | bool
      - copy_admin_key | bool
+  no_log: true
  
  - name: add mgr ip address to trusted list with dashboard - ipv4
    set_fact:
diff --git a/roles/ceph-mds/tasks/common.yml b/roles/ceph-mds/tasks/common.yml

index 83ba661112ec969378399f7dd79335caeea22bc3..d4c9b1f4160f41dc61ba78d6f26d6a57713a2b0a 100644 (file)
--- a/roles/ceph-mds/tasks/common.yml
+++ b/roles/ceph-mds/tasks/common.yml
@@ -40,3 +40,5 @@
    when:
      - cephx | bool
      - item.item.copy_key | bool
+  no_log: true
+
diff --git a/roles/ceph-mgr/tasks/common.yml b/roles/ceph-mgr/tasks/common.yml

index a0fec866fd057fa05df68e7c2c1d62273b45af83..056638852751e073880553df1fd8e4d5503415b8 100644 (file)
--- a/roles/ceph-mgr/tasks/common.yml
+++ b/roles/ceph-mgr/tasks/common.yml
@@ -81,6 +81,7 @@
          - cephx | bool
          - item is not skipped
          - item.item.copy_key | bool
+      no_log: true
  
  - name: set mgr key permissions
    file:
diff --git a/roles/ceph-nfs/tasks/main.yml b/roles/ceph-nfs/tasks/main.yml

index 4917e453fdf8f6be07d771c5e769828b67918d08..2169908acae36565ffd41638ce56b06a840e18aa 100644 (file)
--- a/roles/ceph-nfs/tasks/main.yml
+++ b/roles/ceph-nfs/tasks/main.yml
@@ -75,6 +75,7 @@
        when:
          - not item.0.get('skipped', False)
          - item.0.item.name == 'client.' + ceph_nfs_ceph_user or item.0.item.name == rgw_client_name
+      no_log: true
  
  - name: include start_nfs.yml
    import_tasks: start_nfs.yml
diff --git a/roles/ceph-nfs/tasks/pre_requisite_container.yml b/roles/ceph-nfs/tasks/pre_requisite_container.yml

index d130f5ef26ae51943fa6a8c7071bb5bc819ea8b0..599f78f8287d522430369e9460679e069610f51a 100644 (file)
--- a/roles/ceph-nfs/tasks/pre_requisite_container.yml
+++ b/roles/ceph-nfs/tasks/pre_requisite_container.yml
@@ -39,6 +39,7 @@
        when:
          - cephx | bool
          - item.item.copy_key | bool
+      no_log: true
    when: groups.get(mon_group_name, []) | length > 0
  
  - name: dbus related tasks
@@ -59,4 +60,4 @@
  
      - name: reload dbus configuration
        command: "killall -SIGHUP dbus-daemon"
-  when: ceph_nfs_dynamic_exports | bool
-\ No newline at end of file
+  when: ceph_nfs_dynamic_exports | bool
diff --git a/roles/ceph-nfs/tasks/pre_requisite_non_container.yml b/roles/ceph-nfs/tasks/pre_requisite_non_container.yml

index 862aaac1b4865b001e1d3dae01a9a0cdc3745405..f197eec9d6adb5b3b4a4457d1eac3c97e1965cb8 100644 (file)
--- a/roles/ceph-nfs/tasks/pre_requisite_non_container.yml
+++ b/roles/ceph-nfs/tasks/pre_requisite_non_container.yml
@@ -74,6 +74,7 @@
        when:
          - cephx | bool
          - item.item.copy_key | bool
+      no_log: true
  
      - name: nfs object gateway related tasks
        when: nfs_obj_gw | bool
diff --git a/roles/ceph-osd/tasks/common.yml b/roles/ceph-osd/tasks/common.yml

index c65a884d6db70a3a308be412c2220f8300fd77d4..86087cec19a3f807e4e36f940739e8b90faae5d5 100644 (file)
--- a/roles/ceph-osd/tasks/common.yml
+++ b/roles/ceph-osd/tasks/common.yml
@@ -42,3 +42,5 @@
      - cephx | bool
      - item is not skipped
      - item.item.copy_key | bool
+  no_log: true
+
diff --git a/roles/ceph-osd/tasks/openstack_config.yml b/roles/ceph-osd/tasks/openstack_config.yml

index 83139ad1607fee3c256bd04b9834eba3e6d802d8..254f86a18d3d3202b004828644da1d52daf07e68 100644 (file)
--- a/roles/ceph-osd/tasks/openstack_config.yml
+++ b/roles/ceph-osd/tasks/openstack_config.yml
@@ -60,6 +60,7 @@
          - "{{ _osp_keys.results }}"
          - "{{ groups[mon_group_name] }}"
        delegate_to: "{{ item.1 }}"
+      no_log: true
    when:
      - cephx | bool
      - openstack_config | bool
diff --git a/roles/ceph-rbd-mirror/tasks/common.yml b/roles/ceph-rbd-mirror/tasks/common.yml

index 14f5284d2fa1414ad94b117e7363ddc08529214d..a47da60e6dbb9816e16554a6d039b45477ba3ac2 100644 (file)
--- a/roles/ceph-rbd-mirror/tasks/common.yml
+++ b/roles/ceph-rbd-mirror/tasks/common.yml
@@ -29,6 +29,7 @@
    when:
      - cephx | bool
      - item.item.copy_key | bool
+  no_log: true
  
  - name: create rbd-mirror keyring
    ceph_key:
diff --git a/roles/ceph-rgw/tasks/common.yml b/roles/ceph-rgw/tasks/common.yml

index af54e9029a6be3ea69f15bb322adf81ed5a0c268..237f110f60b727acf47512ef4c09c022f41cd65e 100644 (file)
--- a/roles/ceph-rgw/tasks/common.yml
+++ b/roles/ceph-rgw/tasks/common.yml
@@ -39,6 +39,7 @@
      - cephx | bool
      - item is not skipped
      - item.item.copy_key | bool
+  no_log: true
  
  - name: copy SSL certificate & key data to certificate path
    copy:
author	Neelaksh Singh <neelaksh48@gmail.com>
	Thu, 20 May 2021 06:04:02 +0000 (02:04 -0400)
committer	Guillaume Abrioux <gabrioux@redhat.com>
	Fri, 9 Jul 2021 14:03:02 +0000 (16:03 +0200)
roles/ceph-client/tasks/create_users_keys.yml		patch \| blob \| history
roles/ceph-client/tasks/pre_requisite.yml		patch \| blob \| history
roles/ceph-crash/tasks/main.yml		patch \| blob \| history
roles/ceph-iscsi-gw/tasks/common.yml		patch \| blob \| history
roles/ceph-mds/tasks/common.yml		patch \| blob \| history
roles/ceph-mgr/tasks/common.yml		patch \| blob \| history
roles/ceph-nfs/tasks/main.yml		patch \| blob \| history
roles/ceph-nfs/tasks/pre_requisite_container.yml		patch \| blob \| history
roles/ceph-nfs/tasks/pre_requisite_non_container.yml		patch \| blob \| history
roles/ceph-osd/tasks/common.yml		patch \| blob \| history
roles/ceph-osd/tasks/openstack_config.yml		patch \| blob \| history
roles/ceph-rbd-mirror/tasks/common.yml		patch \| blob \| history
roles/ceph-rgw/tasks/common.yml		patch \| blob \| history