From f43110b0edcb72da7f46e3f8d835dc021616fe45 Mon Sep 17 00:00:00 2001 From: Matt Clay Date: Mon, 16 Sep 2019 21:01:37 -0700 Subject: [PATCH] [stable-2.8] Mark ansible-test cloud credentials as sensitive.. (cherry picked from commit 9f7b124a6fe616c3fd06d500c1a6f6969c57ba2d) Co-authored-by: Matt Clay --- test/runner/lib/cloud/azure.py | 5 +++++ test/runner/lib/cloud/cloudscale.py | 2 ++ test/runner/lib/cloud/cs.py | 4 ++++ test/runner/lib/cloud/hcloud.py | 4 ++++ test/runner/lib/cloud/opennebula.py | 2 ++ test/runner/lib/cloud/scaleway.py | 7 ++++++- test/runner/lib/cloud/tower.py | 2 ++ test/runner/lib/cloud/vultr.py | 7 ++++++- 8 files changed, 31 insertions(+), 2 deletions(-) diff --git a/test/runner/lib/cloud/azure.py b/test/runner/lib/cloud/azure.py index efdad61ea21..e539d3abc1d 100644 --- a/test/runner/lib/cloud/azure.py +++ b/test/runner/lib/cloud/azure.py @@ -124,6 +124,8 @@ class AzureCloudProvider(CloudProvider): RESOURCE_GROUP_SECONDARY=response['resourceGroupNames'][1], ) + display.sensitive.add(values['AZURE_SECRET']) + config = '\n'.join('%s: %s' % (key, values[key]) for key in sorted(values)) config = '[default]\n' + config @@ -145,6 +147,9 @@ class AzureCloudEnvironment(CloudEnvironment): """ env_vars = get_config(self.config_path) + display.sensitive.add(env_vars.get('AZURE_SECRET')) + display.sensitive.add(env_vars.get('AZURE_PASSWORD')) + ansible_vars = dict( resource_prefix=self.resource_prefix, ) diff --git a/test/runner/lib/cloud/cloudscale.py b/test/runner/lib/cloud/cloudscale.py index 0777a9ce562..19bb952d9c8 100644 --- a/test/runner/lib/cloud/cloudscale.py +++ b/test/runner/lib/cloud/cloudscale.py @@ -65,6 +65,8 @@ class CloudscaleCloudEnvironment(CloudEnvironment): CLOUDSCALE_API_TOKEN=parser.get('default', 'cloudscale_api_token'), ) + display.sensitive.add(env_vars['CLOUDSCALE_API_TOKEN']) + ansible_vars = dict( cloudscale_resource_prefix=self.resource_prefix, ) diff --git a/test/runner/lib/cloud/cs.py b/test/runner/lib/cloud/cs.py index d2e9654edfc..2ad54ed61bc 100644 --- a/test/runner/lib/cloud/cs.py +++ b/test/runner/lib/cloud/cs.py @@ -200,6 +200,8 @@ class CsCloudProvider(CloudProvider): SECRET=credentials['secretkey'], ) + display.sensitive.add(values['SECRET']) + config = self._populate_config_template(config, values) self._write_config(config) @@ -279,6 +281,8 @@ class CsCloudEnvironment(CloudEnvironment): CLOUDSTACK_TIMEOUT=config['timeout'], ) + display.sensitive.add(env_vars['CLOUDSTACK_SECRET']) + ansible_vars = dict( cs_resource_prefix=self.resource_prefix, ) diff --git a/test/runner/lib/cloud/hcloud.py b/test/runner/lib/cloud/hcloud.py index dba35f9e56c..9d38aeb5bb7 100644 --- a/test/runner/lib/cloud/hcloud.py +++ b/test/runner/lib/cloud/hcloud.py @@ -76,6 +76,8 @@ class HcloudCloudProvider(CloudProvider): TOKEN=token, ) + display.sensitive.add(values['TOKEN']) + config = self._populate_config_template(config, values) self._write_config(config) @@ -100,6 +102,8 @@ class HcloudCloudEnvironment(CloudEnvironment): HCLOUD_TOKEN=parser.get('default', 'hcloud_api_token'), ) + display.sensitive.add(env_vars['HCLOUD_TOKEN']) + ansible_vars = dict( hcloud_prefix=self.resource_prefix, ) diff --git a/test/runner/lib/cloud/opennebula.py b/test/runner/lib/cloud/opennebula.py index 9cc87d3be18..667c2b8822a 100644 --- a/test/runner/lib/cloud/opennebula.py +++ b/test/runner/lib/cloud/opennebula.py @@ -58,6 +58,8 @@ class OpenNebulaCloudEnvironment(CloudEnvironment): ansible_vars.update(dict(parser.items('default'))) + display.sensitive.add(ansible_vars.get('opennebula_password')) + return CloudEnvironmentConfig( ansible_vars=ansible_vars, ) diff --git a/test/runner/lib/cloud/scaleway.py b/test/runner/lib/cloud/scaleway.py index fb9240823d7..6ea4429056e 100644 --- a/test/runner/lib/cloud/scaleway.py +++ b/test/runner/lib/cloud/scaleway.py @@ -9,7 +9,10 @@ from lib.cloud import ( CloudEnvironmentConfig, ) -from lib.util import ConfigParser +from lib.util import ( + ConfigParser, + display, +) class ScalewayCloudProvider(CloudProvider): @@ -56,6 +59,8 @@ class ScalewayCloudEnvironment(CloudEnvironment): SCW_ORG=parser.get('default', 'org') ) + display.sensitive.add(env_vars['SCW_API_KEY']) + ansible_vars = dict( scw_org=parser.get('default', 'org'), ) diff --git a/test/runner/lib/cloud/tower.py b/test/runner/lib/cloud/tower.py index e77709d4e9a..fcc8bb5d9c6 100644 --- a/test/runner/lib/cloud/tower.py +++ b/test/runner/lib/cloud/tower.py @@ -120,6 +120,8 @@ class TowerCloudProvider(CloudProvider): PASSWORD=connection.password, ) + display.sensitive.add(values['PASSWORD']) + config = self._populate_config_template(config, values) self._write_config(config) diff --git a/test/runner/lib/cloud/vultr.py b/test/runner/lib/cloud/vultr.py index 79a664f54d4..43b2ba3e1cd 100644 --- a/test/runner/lib/cloud/vultr.py +++ b/test/runner/lib/cloud/vultr.py @@ -9,7 +9,10 @@ from lib.cloud import ( CloudEnvironmentConfig, ) -from lib.util import ConfigParser +from lib.util import ( + ConfigParser, + display, +) class VultrCloudProvider(CloudProvider): @@ -55,6 +58,8 @@ class VultrCloudEnvironment(CloudEnvironment): VULTR_API_KEY=parser.get('default', 'key'), ) + display.sensitive.add(env_vars['VULTR_API_KEY']) + ansible_vars = dict( vultr_resource_prefix=self.resource_prefix, )