openstack/kayobe
Code Issues Proposed changes
3942d29448
kayobe/releasenotes/notes/kolla-passwords-overrides-no-log-57054ce64fae8143.yaml
Mark Goddard 51a57394be kolla_passwords: add no_log for password overrides 
The kolla_passwords module overrides parameter may contain sensitive
data, including passwords and SSH keys. It should be protected via
no_log. Without this, the parameter value may be exposed in Ansible
logs, or if level 3 verbosity is used, Ansible output.

This change adds no_log to the parameter.

Change-Id: I3f499d63d19ba7f7372b401bd2da23ce627f18e5
2022-04-12 12:13:01 +01:00

12 lines
429 B
YAML
Raw Blame History

---
security:
- |
Fixes an issue where any passwords in ``kolla_ansible_custom_passwords``
were exposed in Ansible logs. When using verbosity level 3 (``-vvv``), they
were also exposed in Ansible output.
fixes:
- |
Fixes an issue where any passwords in ``kolla_ansible_custom_passwords``
were exposed in Ansible logs. When using verbosity level 3 (``-vvv``), they
were also exposed in Ansible output.
View Git Blame Copy Permalink