Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

added no_log to protected_settings variable #278

Merged
merged 5 commits into from
Oct 13, 2020
Merged

added no_log to protected_settings variable #278

merged 5 commits into from
Oct 13, 2020

Conversation

rajsshah86
Copy link
Contributor

SUMMARY

Fixes #277

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

azure_rm_virtualmachineextension

ADDITIONAL INFORMATION

Most of the ansible modules hide the password/credentials from being printed in the logs. Currently the protected_settings values are being printed in the logs when using azure_rm_virtualmachineextension module . This fix will make sure that those values are not being printed.

Before Change :

TASK [azure_virtual_machine : Creating/Updating Linux Log Analytics Extension] *******************************************************************
task path: /home/xxxxxx/agent/_work/r40/a/deployment/s/roles/azure_virtual_machine/tasks/extensions.yml:26
changed: [localhost] => (item=xxxxxx) => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "ansible_loop_var": "item",
    "changed": true,
    "invocation": {
        "module_args": {
            "ad_user": null,
            "adfs_authority_url": null,
            "api_profile": "latest",
            "auth_source": null,
            "auto_upgrade_minor_version": true,
            "cert_validation_mode": null,
            "client_id": null,
            "cloud_environment": "AzureCloud",
            "location": null,
            "name": "XYZABC_log_analytics",
            "password": null,
            "profile": null,
            "protected_settings": {
                "workspaceKey": "<ACTUAL_WORKSPACE_KEY_SECRET_GETTING_PRINTED_HERE>"
            },
            "publisher": "Microsoft.EnterpriseCloud.Monitoring",
            "resource_group": "RSGXYZABC",
            "secret": null,
            "settings": {
                "workspaceId": "12345678"
            },
            "state": "present",
            "subscription_id": null,
            "tenant": null,
            "type_handler_version": "1.9",
            "virtual_machine_extension_type": "OmsAgentForLinux",
            "virtual_machine_name": "XYZABC"

After Change :

TASK [azure_virtual_machine : Creating/Updating Linux Log Analytics Extension] *******************************************************************
task path: /home/xxxxxx/agent/_work/r40/a/deployment/s/roles/azure_virtual_machine/tasks/extensions.yml:26
changed: [localhost] => (item=xxxxxx) => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "ansible_loop_var": "item",
    "changed": true,
    "invocation": {
        "module_args": {
            "ad_user": null,
            "adfs_authority_url": null,
            "api_profile": "latest",
            "auth_source": null,
            "auto_upgrade_minor_version": true,
            "cert_validation_mode": null,
            "client_id": null,
            "cloud_environment": "AzureCloud",
            "location": null,
            "name": "XYZABC_log_analytics",
            "password": null,
            "profile": null,
            "protected_settings": {
                "workspaceKey": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER"
            },
            "publisher": "Microsoft.EnterpriseCloud.Monitoring",
            "resource_group": "RSGXYZABC",
            "secret": null,
            "settings": {
                "workspaceId": "12345678"
            },
            "state": "present",
            "subscription_id": null,
            "tenant": null,
            "type_handler_version": "1.9",
            "virtual_machine_extension_type": "OmsAgentForLinux",
            "virtual_machine_name": "XYZABC"
        }

@Fred-sun Fred-sun added medium_priority Medium priority work in In trying to solve, or in working with contributors labels Oct 9, 2020
@Fred-sun Fred-sun added ready_for_review The PR has been modified and can be reviewed and merged and removed work in In trying to solve, or in working with contributors labels Oct 12, 2020
@haiyuazhang haiyuazhang merged commit 5dab633 into ansible-collections:dev Oct 13, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
medium_priority Medium priority ready_for_review The PR has been modified and can be reviewed and merged
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Hide "protected_settings" values from being printed in azure_rm_virtualmachineextension
3 participants
@rajsshah86 @haiyuazhang @Fred-sun