From 03788e17d458c1e749f04e58aeadb7a95b3daf93 Mon Sep 17 00:00:00 2001
From: Christian Berendt <berendt@betacloud-solutions.de>
Date: Wed, 31 Oct 2018 17:22:19 +0100
Subject: [PATCH] Set "no_log" for "databases user and setting permissions"
tasks
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
At the moment the "databases user and setting permissions" task for
designate and nova leaks the database_password because of the use
of with_items:
---snip---
TASK [nova : Creating Nova databases user and setting permissions] *********************************************************
ok: [x -> y] => (item={u'database_password': u'password', u'database_name': u'nova', u'database_username': u'nova'})
ok: [x -> y] => (item={u'database_password': u'password', u'database_name': u'nova_cell0', u'database_username': u'nova'})
ok: [x -> y] => (item={u'database_password': u'password', u'database_name': u'nova_api', u'database_username': u'nova_api'})
---snap---
Change-Id: I141e4153223c8772c82a31d81e58057ce266c0b9
Co-authored-by: Bernd Müller <mueller@b1-systems.de>
---
ansible/roles/designate/tasks/bootstrap.yml | 1 +
ansible/roles/nova/tasks/bootstrap.yml | 1 +
2 files changed, 2 insertions(+)
diff --git a/ansible/roles/designate/tasks/bootstrap.yml b/ansible/roles/designate/tasks/bootstrap.yml
index e7f0122c4a..71899b1974 100644
--- a/ansible/roles/designate/tasks/bootstrap.yml
+++ b/ansible/roles/designate/tasks/bootstrap.yml
@@ -41,6 +41,7 @@
database_password: "{{ designate_pool_manager_database_password }}"
when:
- not use_preconfigured_databases | bool
+ no_log: true
- include_tasks: bootstrap_service.yml
when: database.changed or use_preconfigured_databases | bool
diff --git a/ansible/roles/nova/tasks/bootstrap.yml b/ansible/roles/nova/tasks/bootstrap.yml
index 82124f05c2..8f43f8fb5d 100644
--- a/ansible/roles/nova/tasks/bootstrap.yml
+++ b/ansible/roles/nova/tasks/bootstrap.yml
@@ -46,6 +46,7 @@
when:
- database.changed
- not use_preconfigured_databases | bool
+ no_log: true
- include_tasks: bootstrap_service.yml
when: database.changed or use_preconfigured_databases | bool
--
GitLab