From 051ada88e0b6be6b49e4f6ca1870fa2cb54e6d7a Mon Sep 17 00:00:00 2001
From: Brad Smith <brasmith@redhat.com>
Date: Wed, 13 Oct 2021 16:24:55 -0400
Subject: [PATCH] remove bash "set -x" flag (#132)

This change *removes* the existing "set -x" commands from the start of the cicd scripts.

Having "set -x" at the beginning of files that are expected to be sourced in by the build and PR check scripts for other services means that the job logs for those services are always extremely noisy. Furthermore, if the service developers don't realize that the noisy "print all commands" flag was set, secrets and credentials that are set in the service's own scripts may unknowingly be leaked into logs since all commands are being printed out. (This has actually been happening, leaking Red Hat QE's AWS and Azure credentials in smoke tests, much to our chagrin.)

I think it would be better for the sourced bonfire scripts to be quieter by default, as is the case for many shell commands in general. If the calling script in the service wants to get all the noise, they should be the one to "set -x" (or equivalent) as needed. Maybe in the future you could have these scripts look for some kind of "debug" or "verbose" flag before turning the noise up to 11.
---
 cicd/_common_deploy_logic.sh | 2 +-
 cicd/bootstrap.sh            | 2 +-
 cicd/build.sh                | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/cicd/_common_deploy_logic.sh b/cicd/_common_deploy_logic.sh
index 18b2041f..97e5ba07 100644
--- a/cicd/_common_deploy_logic.sh
+++ b/cicd/_common_deploy_logic.sh
@@ -11,7 +11,7 @@
 #GIT_COMMIT="abcd123defg456"  # full git commit hash of the PR being tested
 trap "teardown" EXIT ERR SIGINT SIGTERM
 
-set -ex
+set -e
 
 : ${COMPONENTS:=""}
 : ${COMPONENTS_W_RESOURCES:=""}
diff --git a/cicd/bootstrap.sh b/cicd/bootstrap.sh
index ece73ee2..39a8f114 100644
--- a/cicd/bootstrap.sh
+++ b/cicd/bootstrap.sh
@@ -1,4 +1,4 @@
-set -exv
+set -ev
 
 # log in to ephemeral cluster
 oc login --token=$OC_LOGIN_TOKEN --server=$OC_LOGIN_SERVER
diff --git a/cicd/build.sh b/cicd/build.sh
index 91233948..4ad87d01 100644
--- a/cicd/build.sh
+++ b/cicd/build.sh
@@ -16,7 +16,7 @@
 #RH_REGISTRY_USER
 #RH_REGISTRY_TOKEN
 
-set -ex
+set -e
 
 function build {
     if [ ! -f "$APP_ROOT/$DOCKERFILE" ]; then