mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
[PR #2001/1ea08076 backport][stable-1] Mark non-secret leaking module options with no_log=False (#2004)
* Mark non-secret leaking module options with no_log=False (#2001)
* Mark non-secret leaking module options with no_log=False.
* Add changelog fragment.
(cherry picked from commit 1ea080762b
)
* Add one more.
Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
parent
a3a01d8b87
commit
4f31106ac4
19 changed files with 20 additions and 18 deletions
2
changelogs/fragments/2001-no_log-false.yml
Normal file
2
changelogs/fragments/2001-no_log-false.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
bugfixes:
|
||||||
|
- "Mark various module options with ``no_log=False`` which have a name that potentially could leak secrets, but which do not (https://github.com/ansible-collections/community.general/pull/2001)."
|
|
@ -104,7 +104,7 @@ def get_common_arg_spec(supports_create=False, supports_wait=False):
|
||||||
|
|
||||||
if supports_create:
|
if supports_create:
|
||||||
common_args.update(
|
common_args.update(
|
||||||
key_by=dict(type="list", elements="str"),
|
key_by=dict(type="list", elements="str", no_log=False),
|
||||||
force_create=dict(type="bool", default=False),
|
force_create=dict(type="bool", default=False),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -2729,7 +2729,7 @@ def main():
|
||||||
gid=dict(type='str'),
|
gid=dict(type='str'),
|
||||||
mode=dict(type='int'),
|
mode=dict(type='int'),
|
||||||
)),
|
)),
|
||||||
secrets=dict(type='list', elements='dict', options=dict(
|
secrets=dict(type='list', elements='dict', no_log=False, options=dict(
|
||||||
secret_id=dict(type='str'),
|
secret_id=dict(type='str'),
|
||||||
secret_name=dict(type='str', required=True),
|
secret_name=dict(type='str', required=True),
|
||||||
filename=dict(type='str'),
|
filename=dict(type='str'),
|
||||||
|
|
|
@ -549,7 +549,7 @@ def main():
|
||||||
password=dict(default='', required=False, type='str', no_log=True),
|
password=dict(default='', required=False, type='str', no_log=True),
|
||||||
account=dict(default='', required=False, type='str'),
|
account=dict(default='', required=False, type='str'),
|
||||||
application=dict(required=True, type='str'),
|
application=dict(required=True, type='str'),
|
||||||
keyset=dict(required=True, type='str'),
|
keyset=dict(required=True, type='str', no_log=False),
|
||||||
state=dict(default='present', type='str',
|
state=dict(default='present', type='str',
|
||||||
choices=['started', 'stopped', 'present', 'absent']),
|
choices=['started', 'stopped', 'present', 'absent']),
|
||||||
name=dict(required=True, type='str'), description=dict(type='str'),
|
name=dict(required=True, type='str'), description=dict(type='str'),
|
||||||
|
|
|
@ -1448,7 +1448,7 @@ def main():
|
||||||
iam_role_arn=dict(type='str'),
|
iam_role_arn=dict(type='str'),
|
||||||
iam_role_name=dict(type='str'),
|
iam_role_name=dict(type='str'),
|
||||||
image_id=dict(type='str', required=True),
|
image_id=dict(type='str', required=True),
|
||||||
key_pair=dict(type='str'),
|
key_pair=dict(type='str', no_log=False),
|
||||||
kubernetes=dict(type='dict'),
|
kubernetes=dict(type='dict'),
|
||||||
lifetime_period=dict(type='int'),
|
lifetime_period=dict(type='int'),
|
||||||
load_balancers=dict(type='list'),
|
load_balancers=dict(type='list'),
|
||||||
|
|
|
@ -1839,7 +1839,7 @@ def main():
|
||||||
type='list',
|
type='list',
|
||||||
elements='dict',
|
elements='dict',
|
||||||
options=dict(
|
options=dict(
|
||||||
key=dict(type='str', required=True),
|
key=dict(type='str', required=True, no_log=False),
|
||||||
value=dict(type='raw', required=True),
|
value=dict(type='raw', required=True),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
|
|
@ -229,7 +229,7 @@ _ARGUMENT_SPEC = {
|
||||||
PORT_PARAMETER_NAME: dict(default=8500, type='int'),
|
PORT_PARAMETER_NAME: dict(default=8500, type='int'),
|
||||||
RULES_PARAMETER_NAME: dict(type='list', elements='dict'),
|
RULES_PARAMETER_NAME: dict(type='list', elements='dict'),
|
||||||
STATE_PARAMETER_NAME: dict(default=PRESENT_STATE_VALUE, choices=[PRESENT_STATE_VALUE, ABSENT_STATE_VALUE]),
|
STATE_PARAMETER_NAME: dict(default=PRESENT_STATE_VALUE, choices=[PRESENT_STATE_VALUE, ABSENT_STATE_VALUE]),
|
||||||
TOKEN_PARAMETER_NAME: dict(),
|
TOKEN_PARAMETER_NAME: dict(no_log=False),
|
||||||
TOKEN_TYPE_PARAMETER_NAME: dict(choices=[CLIENT_TOKEN_TYPE_VALUE, MANAGEMENT_TOKEN_TYPE_VALUE],
|
TOKEN_TYPE_PARAMETER_NAME: dict(choices=[CLIENT_TOKEN_TYPE_VALUE, MANAGEMENT_TOKEN_TYPE_VALUE],
|
||||||
default=CLIENT_TOKEN_TYPE_VALUE)
|
default=CLIENT_TOKEN_TYPE_VALUE)
|
||||||
}
|
}
|
||||||
|
|
|
@ -297,7 +297,7 @@ def main():
|
||||||
argument_spec=dict(
|
argument_spec=dict(
|
||||||
cas=dict(type='str'),
|
cas=dict(type='str'),
|
||||||
flags=dict(type='str'),
|
flags=dict(type='str'),
|
||||||
key=dict(type='str', required=True),
|
key=dict(type='str', required=True, no_log=False),
|
||||||
host=dict(type='str', default='localhost'),
|
host=dict(type='str', default='localhost'),
|
||||||
scheme=dict(type='str', default='http'),
|
scheme=dict(type='str', default='http'),
|
||||||
validate_certs=dict(type='bool', default=True),
|
validate_certs=dict(type='bool', default=True),
|
||||||
|
|
|
@ -134,7 +134,7 @@ def run_module():
|
||||||
# define the available arguments/parameters that a user can pass to
|
# define the available arguments/parameters that a user can pass to
|
||||||
# the module
|
# the module
|
||||||
module_args = dict(
|
module_args = dict(
|
||||||
key=dict(type='str', required=True),
|
key=dict(type='str', required=True, no_log=False),
|
||||||
value=dict(type='str', required=True),
|
value=dict(type='str', required=True),
|
||||||
host=dict(type='str', default='localhost'),
|
host=dict(type='str', default='localhost'),
|
||||||
port=dict(type='int', default=2379),
|
port=dict(type='int', default=2379),
|
||||||
|
|
|
@ -164,7 +164,7 @@ def main():
|
||||||
argument_spec=dict(
|
argument_spec=dict(
|
||||||
path=dict(type='path', required=True, aliases=['filename']),
|
path=dict(type='path', required=True, aliases=['filename']),
|
||||||
dialect=dict(type='str', default='excel'),
|
dialect=dict(type='str', default='excel'),
|
||||||
key=dict(type='str'),
|
key=dict(type='str', no_log=False),
|
||||||
fieldnames=dict(type='list', elements='str'),
|
fieldnames=dict(type='list', elements='str'),
|
||||||
unique=dict(type='bool', default=True),
|
unique=dict(type='bool', default=True),
|
||||||
delimiter=dict(type='str'),
|
delimiter=dict(type='str'),
|
||||||
|
|
|
@ -172,7 +172,7 @@ def main():
|
||||||
argument_spec=dict(
|
argument_spec=dict(
|
||||||
path=dict(type='path', required=True, aliases=['name']),
|
path=dict(type='path', required=True, aliases=['name']),
|
||||||
namespace=dict(type='str', default='user'),
|
namespace=dict(type='str', default='user'),
|
||||||
key=dict(type='str'),
|
key=dict(type='str', no_log=False),
|
||||||
value=dict(type='str'),
|
value=dict(type='str'),
|
||||||
state=dict(type='str', default='read', choices=['absent', 'all', 'keys', 'present', 'read']),
|
state=dict(type='str', default='read', choices=['absent', 'all', 'keys', 'present', 'read']),
|
||||||
follow=dict(type='bool', default=True),
|
follow=dict(type='bool', default=True),
|
||||||
|
|
|
@ -794,7 +794,7 @@ def main():
|
||||||
algorithm=dict(type='int'),
|
algorithm=dict(type='int'),
|
||||||
cert_usage=dict(type='int', choices=[0, 1, 2, 3]),
|
cert_usage=dict(type='int', choices=[0, 1, 2, 3]),
|
||||||
hash_type=dict(type='int', choices=[1, 2]),
|
hash_type=dict(type='int', choices=[1, 2]),
|
||||||
key_tag=dict(type='int'),
|
key_tag=dict(type='int', no_log=False),
|
||||||
port=dict(type='int'),
|
port=dict(type='int'),
|
||||||
priority=dict(type='int', default=1),
|
priority=dict(type='int', default=1),
|
||||||
proto=dict(type='str'),
|
proto=dict(type='str'),
|
||||||
|
|
|
@ -224,7 +224,7 @@ def main():
|
||||||
argument_spec.update(
|
argument_spec.update(
|
||||||
repository=dict(type='str', required=True),
|
repository=dict(type='str', required=True),
|
||||||
username=dict(type='str', required=True),
|
username=dict(type='str', required=True),
|
||||||
key=dict(type='str'),
|
key=dict(type='str', no_log=False),
|
||||||
label=dict(type='str', required=True),
|
label=dict(type='str', required=True),
|
||||||
state=dict(type='str', choices=['present', 'absent'], required=True),
|
state=dict(type='str', choices=['present', 'absent'], required=True),
|
||||||
)
|
)
|
||||||
|
|
|
@ -263,7 +263,7 @@ def main():
|
||||||
repository=dict(type='str', required=True),
|
repository=dict(type='str', required=True),
|
||||||
username=dict(type='str', required=True),
|
username=dict(type='str', required=True),
|
||||||
name=dict(type='str', required=True),
|
name=dict(type='str', required=True),
|
||||||
key=dict(type='str'),
|
key=dict(type='str', no_log=False),
|
||||||
state=dict(type='str', choices=['present', 'absent'], required=True),
|
state=dict(type='str', choices=['present', 'absent'], required=True),
|
||||||
)
|
)
|
||||||
module = AnsibleModule(
|
module = AnsibleModule(
|
||||||
|
|
|
@ -291,7 +291,7 @@ def main():
|
||||||
owner=dict(required=True, type='str', aliases=['account', 'organization']),
|
owner=dict(required=True, type='str', aliases=['account', 'organization']),
|
||||||
repo=dict(required=True, type='str', aliases=['repository']),
|
repo=dict(required=True, type='str', aliases=['repository']),
|
||||||
name=dict(required=True, type='str', aliases=['title', 'label']),
|
name=dict(required=True, type='str', aliases=['title', 'label']),
|
||||||
key=dict(required=True, type='str'),
|
key=dict(required=True, type='str', no_log=False),
|
||||||
read_only=dict(required=False, type='bool', default=True),
|
read_only=dict(required=False, type='bool', default=True),
|
||||||
state=dict(default='present', choices=['present', 'absent']),
|
state=dict(default='present', choices=['present', 'absent']),
|
||||||
force=dict(required=False, type='bool', default=False),
|
force=dict(required=False, type='bool', default=False),
|
||||||
|
|
|
@ -234,7 +234,7 @@ def main():
|
||||||
api_token=dict(type='str', no_log=True),
|
api_token=dict(type='str', no_log=True),
|
||||||
state=dict(type='str', default="present", choices=["absent", "present"]),
|
state=dict(type='str', default="present", choices=["absent", "present"]),
|
||||||
project=dict(type='str', required=True),
|
project=dict(type='str', required=True),
|
||||||
key=dict(type='str', required=True),
|
key=dict(type='str', required=True, no_log=False),
|
||||||
can_push=dict(type='bool', default=False),
|
can_push=dict(type='bool', default=False),
|
||||||
title=dict(type='str', required=True)
|
title=dict(type='str', required=True)
|
||||||
))
|
))
|
||||||
|
|
|
@ -348,7 +348,7 @@ def main():
|
||||||
module = AnsibleModule(
|
module = AnsibleModule(
|
||||||
argument_spec=dict(
|
argument_spec=dict(
|
||||||
state=dict(default='present', choices=['present', 'absent', 'read']),
|
state=dict(default='present', choices=['present', 'absent', 'read']),
|
||||||
key=dict(required=True, type='str'),
|
key=dict(required=True, type='str', no_log=False),
|
||||||
value=dict(required=False, default=None, type='str'),
|
value=dict(required=False, default=None, type='str'),
|
||||||
),
|
),
|
||||||
supports_check_mode=True
|
supports_check_mode=True
|
||||||
|
|
|
@ -151,7 +151,7 @@ def main():
|
||||||
# Setup the Ansible module
|
# Setup the Ansible module
|
||||||
module = AnsibleModule(
|
module = AnsibleModule(
|
||||||
argument_spec=dict(
|
argument_spec=dict(
|
||||||
key=dict(type='str', required=True),
|
key=dict(type='str', required=True, no_log=False),
|
||||||
value_type=dict(type='str', choices=['bool', 'float', 'int', 'string']),
|
value_type=dict(type='str', choices=['bool', 'float', 'int', 'string']),
|
||||||
value=dict(type='str'),
|
value=dict(type='str'),
|
||||||
state=dict(type='str', required=True, choices=['absent', 'get', 'present']),
|
state=dict(type='str', required=True, choices=['absent', 'get', 'present']),
|
||||||
|
|
|
@ -369,7 +369,7 @@ def main():
|
||||||
argument_spec=dict(
|
argument_spec=dict(
|
||||||
domain=dict(type='str', default='NSGlobalDomain'),
|
domain=dict(type='str', default='NSGlobalDomain'),
|
||||||
host=dict(type='str'),
|
host=dict(type='str'),
|
||||||
key=dict(type='str'),
|
key=dict(type='str', no_log=False),
|
||||||
type=dict(type='str', default='string', choices=['array', 'bool', 'boolean', 'date', 'float', 'int', 'integer', 'string']),
|
type=dict(type='str', default='string', choices=['array', 'bool', 'boolean', 'date', 'float', 'int', 'integer', 'string']),
|
||||||
array_add=dict(type='bool', default=False),
|
array_add=dict(type='bool', default=False),
|
||||||
value=dict(type='raw'),
|
value=dict(type='raw'),
|
||||||
|
|
Loading…
Reference in a new issue