This repository has been archived by the owner on Jun 4, 2021. It is now read-only.

Don't print long apt keys to the log #1412

Merged
merged 3 commits into from
Jul 30, 2018
3 changes: 2 additions & 1 deletion playbooks/roles/lets-encrypt/tasks/install.yml
@@ -1,8 +1,9 @@
- name: Add the APT key for acmetool
- name: "Add the APT key for acmetool; hiding 25 lines of log..."
apt_key:
id: 9862409EF124EC763B84972FF5AC9651EDB58DFA
data: "{{ item }}"
Member

Missing no_log.

Member Author

Fixed.

What happened here was that I did a more extensive purge of with_file, given that with_foo loops have been deprecated in general. But on closer reading, with_file hasn't been deprecated, probably because it's cleaner-looking than:

- name: "Add the evil repository"
  apt_key:
    id: C0DEDBAD
    data: "{{ lookup('file', 'files/signing-key') }}"

So I backed off all of those patches, and went too far. Oops.

with_file: acmetool_ppa.pem
no_log: True

- name: Add the official acmetool repository
apt_repository:
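
Review bot: no_log: True on the acmetool apt_key task also censors the module's result when the task fails, so a broken acmetool_ppa.pem or a key that does not match the id will surface only as a failure with hidden output. The data here is a public signing key rather than a secret, so a one-line YAML comment above no_log saying it is set only to keep the log short would stop a later reader from treating the file as sensitive, and tells whoever debugs a failed import that it is safe to switch off for one run.
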
3 changes: 2 additions & 1 deletion playbooks/roles/nginx/tasks/main.yml
Expand Up @@ -5,11 +5,12 @@
state: absent
with_items: "{{ apache_packages_to_remove }}"

- name: Add the official Nginx APT key
- name: "Add the official Nginx APT key; hiding 25 lines of log..."
apt_key:
id: 7BD9BF62
data: "{{ item }}"
Member

Missing no_log.

Member Author

Fixed.

with_file: nginx_signing.key
no_log: True

- name: Add the official Nginx repository
apt_repository:
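
Review bot: id: 7BD9BF62 in the Nginx task is an 8-hex-digit short key ID, while the lets-encrypt role in this same change pins a full 40-digit fingerprint. Short IDs are cheap to collide, and once no_log: True hides the task result, the id value in the playbook is the only readable statement of which key this role trusts. I'd replace it with the full fingerprint of the key in nginx_signing.key.
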
3 changes: 2 additions & 1 deletion playbooks/roles/openvpn/tasks/install.yml
@@ -1,9 +1,10 @@
---
- name: Add the official OpenVPN APT key
- name: "Add the official OpenVPN APT key; hiding 25 lines of log..."
apt_key:
id: E158C569
data: "{{ item }}"
with_file: openvpn_signing.key
no_log: True

- name: Add the official OpenVPN repository
apt_repository:
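
Review bot: the new task name hard-codes "hiding 25 lines of log...", and the same count appears in the lets-encrypt and nginx task names. It is not derived from openvpn_signing.key, so it will go stale as soon as the key file is replaced. A name without the number, for example "Add the official OpenVPN APT key (output hidden by no_log)", stays correct without upkeep.
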
3 changes: 2 additions & 1 deletion playbooks/roles/tor-bridge/tasks/main.yml
@@ -1,9 +1,10 @@
---
- name: Add the Tor APT key
- name: "Add the Tor APT key; hiding 200 lines of log..."
apt_key:
id: 886DDD89
data: "{{ item }}"
with_file: tor-signing.key
no_log: True

- name: Add the Tor repository
apt_repository:
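
Review bot: style point on the added no_log: True line: if these playbooks are run through yamllint, its default truthy rule accepts only lowercase true and false, so no_log: true would keep the file lint-clean. The capitalised spelling is used in the other three roles touched here as well.
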