Browse Source

Add toggle for sensitive data within octavia

This change will allow deployers to expose sensitive data as needed.

Change-Id: I717b34920ab0129a2bac287015a6cd1053c7e1c9
Signed-off-by: Kevin Carter <kecarter@redhat.com>
changes/21/723521/6
Kevin Carter 2 years ago committed by Kevin Carter (cloudnull)
parent
commit
b7e8f8f9d3
  1. 19
      tripleo_ansible/roles/octavia_controller_config/defaults/main.yml
  2. 2
      tripleo_ansible/roles/octavia_controller_config/tasks/certificate.yml

19
tripleo_ansible/roles/octavia_controller_config/defaults/main.yml

@ -0,0 +1,19 @@
---
# Copyright 2020 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# All variables intended for modification should be placed in this file.
octavia_controller_config_hide_sensitive_logs: "{{ hide_sensitive_logs | default(true) }}"

2
tripleo_ansible/roles/octavia_controller_config/tasks/certificate.yml

@ -15,7 +15,7 @@
dest: "{{ octavia_confd_prefix }}/{{ item.path }}"
selevel: s0
setype: svirt_sandbox_file_t
no_log: true
no_log: "{{ octavia_controller_config_hide_sensitive_logs | bool }}"
loop:
- content: "{{ private_key_content }}"
path: "{{ ca_private_key_path }}"

Loading…
Cancel
Save