Feature: mark variables/fields as private so they don't get added to logs/history #2887
Labels
Comments
|
Cool feature but why not just use ansible-vault on a playbook level? |
|
Because of our security policies that state that sensitive information can only be stored in a single designated location at-rest, and that so happens to not be an arbitrary secrets.yml file on a command and control server. Or, Why build a tool like SemaphoreUI and then leave out half the features that would make this tool more secure to use? |
|
@northwestnodes-eric What variable do you mean? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Related to
Ansible (task execution)
Impact
security improvements
Missing Feature
We would like to have an option for a variable field to be marked as private/secret such that the value is not stored in the history.
Implementation
Add a variable to a task template.
Have a checkbox that says "Private" or something along those lines.
Make sure the Private marked variable does not get stored in the run history/logs.
Design
No response
The text was updated successfully, but these errors were encountered: