Do not log amphora ssh keys

This patch adds a no_log clause to external_deploy tasks that might result in an SSH key getting logged. Change-Id: I2a38a48aabdc167134aee757cd5270af4c498c8d Related-Bug: #1918138 (cherry picked from commit c650588)
openstack-archive · Jul 20, 2021 · 8f79482 · 8f79482
1 parent 5fc7cac
commit 8f79482
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/deployment/octavia/octavia-deployment-config.j2.yaml b/deployment/octavia/octavia-deployment-config.j2.yaml
@@ -276,6 +276,7 @@ outputs:
             - name: Set up group_vars
               set_fact:
                 octavia_ansible_group_vars: { get_attr: [OctaviaVars, value, vars] }
+              no_log: "{{ hide_sensitive_logs | bool }}"
             - name: Make needed directories on the undercloud
               become: true
               file:
@@ -290,6 +291,7 @@ outputs:
               copy:
                 dest: "{{ octavia_ansible_group_vars.octavia_group_vars_dir }}/octavia_vars.yaml"
                 content: "{{ octavia_ansible_group_vars|to_nice_yaml }}"
+              no_log: "{{ hide_sensitive_logs | bool }}"
             - name: Write octavia inventory
               copy:
                 dest: "{{playbook_dir}}/octavia-ansible/inventory.yaml"