Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

adding no_log: true to avoid leaking redhat_portal_password #13

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

adding no_log: true to avoid leaking redhat_portal_password #13

wants to merge 1 commit into from

Conversation

vladi-k
Copy link

@vladi-k vladi-k commented Feb 13, 2020

Without this a malicious user can potentially see redhat_portal_password in clear text in ansible-playbook output or logs

@vladi-k vladi-k requested a review from Jason-RH February 13, 2020 09:45
@nicholasburr
Copy link

I see that the insights_config module is printing the last valid variable. This should be reported as a bug in the module since anyone using it will encounter this issue.

- name: Insights playbook
  hosts: all
  roles:
  - role: redhatinsights.insights-client
    vars:
    - redhat_portal_username: username
    - redhat_portal_password: password



    "invocation": {
        "module_args": {
            "allow_no_value": false,
            "attributes": null,
            "backup": false,
            "content": null,
            "create": true,
            "delimiter": null,
            "directory_mode": null,
            "follow": false,
            "force": null,
            "group": null,
            "mode": null,
            "no_extra_spaces": true,
            "option": "password",
            "owner": null,
            "path": "/etc/insights-client/insights-client.conf",
            "regexp": null,
            "remote_src": null,
            "section": "insights-client",
            "selevel": null,
            "serole": null,
            "setype": null,
            "seuser": null,
            "src": null,
            "state": "present",
            "unsafe_writes": null,
            "value": "password"
        }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Jason-RH Jason-RH Awaiting requested review from Jason-RH

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@vladi-k @nicholasburr