Hide output which can contain password strings
The change I68a89e413b7c3eecb747386998bd36314250384b introduced the task to check whether the password is valid but this task dumps a raw password string in case password authentication failed for some reason (eg. the user is not yet created). This change ensures the output is hidden, unless users explicitly enable sensitive logs. Closes-Bug: #1998158 Change-Id: I3214109f4f75620abc25d48db86179a8a411ccc7
This commit is contained in:
parent
61d3a6c023
commit
fc758a2fbd
@ -15,6 +15,8 @@
|
||||
# under the License.
|
||||
|
||||
- name: "Check password of Keystone user"
|
||||
# needed because the module dumps the raw output in case auth fails
|
||||
no_log: "{{ tripleo_keystone_resources_hide_sensitive_logs | bool }}"
|
||||
openstack.cloud.identity_user_info:
|
||||
name: "{{ lookup('dict', tripleo_keystone_resources_data).value.name | default(lookup('dict', tripleo_keystone_resources_data).key) }}"
|
||||
auth_type: "v3password"
|
||||
|
Loading…
Reference in New Issue
Block a user