summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDevan Goodwin <dgoodwin@redhat.com>2017-05-03 09:45:56 -0300
committerDevan Goodwin <dgoodwin@redhat.com>2017-05-03 09:45:56 -0300
commitf886b0ba6adfbcfc4c551b41de610906e66a4e3f (patch)
tree751b19b7974ea8cd7f5a272dc27a99c86fcce467
parentba5c6594ade6679d055aaecc7c38836444f0f791 (diff)
downloadopenshift-f886b0ba6adfbcfc4c551b41de610906e66a4e3f.tar.gz
openshift-f886b0ba6adfbcfc4c551b41de610906e66a4e3f.tar.bz2
openshift-f886b0ba6adfbcfc4c551b41de610906e66a4e3f.tar.xz
openshift-f886b0ba6adfbcfc4c551b41de610906e66a4e3f.zip
Stop logging AWS credentials in master role.
Using lineinfile and with_items, the items end up logged and in this case include AWS credentials. Simple us of no_log to hide them.
-rw-r--r--roles/openshift_master/tasks/systemd_units.yml1
1 files changed, 1 insertions, 0 deletions
diff --git a/roles/openshift_master/tasks/systemd_units.yml b/roles/openshift_master/tasks/systemd_units.yml
index 506c8b129..58fabddeb 100644
--- a/roles/openshift_master/tasks/systemd_units.yml
+++ b/roles/openshift_master/tasks/systemd_units.yml
@@ -90,6 +90,7 @@
dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-api
line: "{{ item }}"
with_items: "{{ master_api_aws.stdout_lines | default([]) }}"
+ no_log: True
- name: Preserve Master Controllers Proxy Config options
command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers