Fix information disclosure caused by unreachable nodes

Currently we can leak secrets if we encounter unreachable nodes
combined with a task using with_items and no_log. In this case the
item variables are written to both the job-output.json and
job-output.txt. Upstream Ansible has the same issue [1].

The text log can be fixed by defining the v2_runner_on_unreachable
callback the same as v2_runner_on_failed.

The json log can be fixed the same way as the upstream Ansible issue.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1588855

Change-Id: Ie5dd2a6b11e8e276da65fe470f364107f3dd07ef
Tobias Henkel
2018-06-08 15:25:50 +02:00
committed by Tobias Henkel
parent 896df11638
commit ffe7278c08
6 changed files with 90 additions and 1 deletions

@@ -137,7 +137,7 @@ class CallbackModule(CallbackBase):
def v2_runner_on_ok(self, result, **kwargs):
host = result._host
if result._result.get('_ansible_no_log', False):
if result._result.get('_ansible_no_log', False) or result._task.no_log:
self.results[-1]['tasks'][-1]['hosts'][host.name] = dict(
censored="the output has been hidden due to the fact that"
" 'no_log: true' was specified for this result")
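Review bot: The new `or result._task.no_log` condition is applied only in `v2_runner_on_ok` in this hunk, while the commit message describes the leak as happening on unreachable hosts. Please confirm that the failed and unreachable handlers of this JSON callback make the same decision, and consider moving the test into one small helper that every `v2_runner_on_*` handler calls, so that the censoring rule cannot drift between result paths. A short comment on the changed line would also help: it should say that the task-level flag is checked because the per-result `_ansible_no_log` key may be absent, which is what the commit message implies for unreachable hosts with `with_items`.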

@@ -606,3 +606,5 @@ class CallbackModule(default.CallbackModule):
delegated_host=delegated_vars['ansible_host'])
else:
return result._host.get_name()
v2_runner_on_unreachable = v2_runner_on_failed
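Review bot: The alias `v2_runner_on_unreachable = v2_runner_on_failed` at the end of the class has no comment, and nothing at that line tells a later reader that it exists to keep `no_log` item data out of the text log. Someone tidying the callback could replace it with a dedicated unreachable handler and reintroduce the leak. Please add a one-line comment stating the security reason, and check that `v2_runner_on_failed` can be called with only `result` (any extra parameter such as an ignore-errors flag needs a default), since it will now be invoked through the unreachable callback as well. If the other changed files do not already cover it, a test that runs a `with_items` plus `no_log` task against an unreachable host and asserts that the item values are absent from job-output.txt would pin this behaviour down.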