ovirt_auth: fix type and password leak (#3119)

Do not leak the password in log, and verify the path of ca_file
pull/18777/head
Michael Scherer 8 years ago committed by Matt Clay
parent e5688c709a
commit c1f7fa2f3b

@ -98,10 +98,7 @@ tasks:
# oVirt user's password, and include that yaml file with variable: # oVirt user's password, and include that yaml file with variable:
- include_vars: ovirt_password.yml - include_vars: ovirt_password.yml
# Always be sure to pass 'no_log: true' to ovirt_auth task,
# so the oVirt user's password is not logged:
- name: Obtain SSO token with using username/password credentials: - name: Obtain SSO token with using username/password credentials:
no_log: true
ovirt_auth: ovirt_auth:
url: https://ovirt.example.com/ovirt-engine/api url: https://ovirt.example.com/ovirt-engine/api
username: admin@internal username: admin@internal
@ -171,8 +168,8 @@ def main():
argument_spec=dict( argument_spec=dict(
url=dict(default=None), url=dict(default=None),
username=dict(default=None), username=dict(default=None),
password=dict(default=None), password=dict(default=None, no_log=True),
ca_file=dict(default=None), ca_file=dict(default=None, type='path'),
insecure=dict(required=False, type='bool', default=False), insecure=dict(required=False, type='bool', default=False),
timeout=dict(required=False, type='int', default=0), timeout=dict(required=False, type='int', default=0),
compress=dict(required=False, type='bool', default=True), compress=dict(required=False, type='bool', default=True),

Loading…
Cancel
Save