From 54ea1353b3cba45107682907d6b24f1813ccb54b Mon Sep 17 00:00:00 2001 From: Matt Clay Date: Mon, 16 Sep 2019 19:15:04 -0700 Subject: [PATCH] [stable-2.9] Mark AWS credentials in ansible-test as sensitive. This avoids displaying the credentials in CI when retrying tests at maximum verbosity. (cherry picked from commit b73e7721dfd1cba6d8d743701d179c99cadd143c) Co-authored-by: Matt Clay --- test/lib/ansible_test/_internal/cloud/aws.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/test/lib/ansible_test/_internal/cloud/aws.py b/test/lib/ansible_test/_internal/cloud/aws.py index e2032d5dae7..7dad6c02c0c 100644 --- a/test/lib/ansible_test/_internal/cloud/aws.py +++ b/test/lib/ansible_test/_internal/cloud/aws.py @@ -74,6 +74,9 @@ class AwsCloudProvider(CloudProvider): REGION='us-east-1', ) + display.sensitive.add(values['SECRET_KEY']) + display.sensitive.add(values['SECURITY_TOKEN']) + config = self._populate_config_template(config, values) self._write_config(config) @@ -100,6 +103,9 @@ class AwsCloudEnvironment(CloudEnvironment): ansible_vars.update(dict(parser.items('default'))) + display.sensitive.add(ansible_vars.get('aws_secret_key')) + display.sensitive.add(ansible_vars.get('security_token')) + if 'aws_cleanup' not in ansible_vars: ansible_vars['aws_cleanup'] = not self.managed