There is cases when a command times out or when it fails
that we and Puppet [1] will output the raw command that
was executed.
For a user create command that output contains the
--password argument passed down to openstack CLI which
causes sensitive passwords to be leaked into log files
of the system executing Puppet, these can then be shipped
of from the system into a remote syslog and still be in
plain text.
This tries to use Ruby gsub with a regular expression
matching the two cases and instead output [redacted secret]
the same way we do with config provider.
[1] https://github.com/puppetlabs/puppet/blob/main/lib/puppet/util/execution.rb#L286
Change-Id: I4cad8f88fc7b67bb7aa4330832fc47bac41ae9df
16ce2f30de