Fix a bunch of potential security issues (secret leaking) (#1736)

* Fix a bunch of potential security issues (secret leaking).

* oneandone_server was already ok.

* Add more parameters for pagerduty_alert.

* Add more no_log=True.
This commit is contained in:
Felix Fontein 2021-02-08 16:33:18 +01:00 committed by GitHub
commit 29bd5a9486
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
25 changed files with 52 additions and 30 deletions

View file

@ -543,7 +543,7 @@ def build_module():
snapshot_id=dict(type='str')
)),
vpc_id=dict(type='str', required=True),
admin_pass=dict(type='str'),
admin_pass=dict(type='str', no_log=True),
data_volumes=dict(type='list', elements='dict', options=dict(
volume_id=dict(type='str', required=True),
device=dict(type='str')

View file

@ -405,8 +405,8 @@ def main():
instance_gateway=dict(type='str', aliases=['gateway']),
instance_domain=dict(type='str', aliases=['domain']),
instance_dns=dict(type='str', aliases=['dns']),
instance_rootpw=dict(type='str', aliases=['rootpw']),
instance_key=dict(type='str', aliases=['key']),
instance_rootpw=dict(type='str', aliases=['rootpw'], no_log=True),
instance_key=dict(type='str', aliases=['key'], no_log=True),
sdomain=dict(type='str'),
region=dict(type='str'),
),

View file

@ -500,7 +500,7 @@ def main():
module = AnsibleModule(
argument_spec=dict(
auth_token=dict(
type='str',
type='str', no_log=True,
default=os.environ.get('ONEANDONE_AUTH_TOKEN')),
api_url=dict(
type='str',

View file

@ -594,7 +594,7 @@ def main():
module = AnsibleModule(
argument_spec=dict(
auth_token=dict(
type='str',
type='str', no_log=True,
default=os.environ.get('ONEANDONE_AUTH_TOKEN')),
api_url=dict(
type='str',

View file

@ -947,7 +947,7 @@ def main():
module = AnsibleModule(
argument_spec=dict(
auth_token=dict(
type='str',
type='str', no_log=True,
default=os.environ.get('ONEANDONE_AUTH_TOKEN')),
api_url=dict(
type='str',

View file

@ -384,7 +384,7 @@ def main():
module = AnsibleModule(
argument_spec=dict(
auth_token=dict(
type='str',
type='str', no_log=True,
default=os.environ.get('ONEANDONE_AUTH_TOKEN')),
api_url=dict(
type='str',

View file

@ -274,7 +274,7 @@ def main():
module = AnsibleModule(
argument_spec=dict(
auth_token=dict(
type='str',
type='str', no_log=True,
default=os.environ.get('ONEANDONE_AUTH_TOKEN')),
api_url=dict(
type='str',

View file

@ -238,7 +238,7 @@ def main():
loadbalancer=dict(required=True),
state=dict(default='present', choices=['present', 'absent']),
enabled=dict(type='bool', default=True),
private_key=dict(),
private_key=dict(no_log=True),
certificate=dict(),
intermediate_certificate=dict(),
secure_port=dict(type='int', default=443),

View file

@ -1459,7 +1459,7 @@ def main():
min_size=dict(type='int', required=True),
monitoring=dict(type='str'),
multai_load_balancers=dict(type='list'),
multai_token=dict(type='str'),
multai_token=dict(type='str', no_log=True),
name=dict(type='str', required=True),
network_interfaces=dict(type='list'),
on_demand_count=dict(type='int'),
@ -1483,7 +1483,7 @@ def main():
target_group_arns=dict(type='list'),
tenancy=dict(type='str'),
terminate_at_end_of_billing_hour=dict(type='bool'),
token=dict(type='str'),
token=dict(type='str', no_log=True),
unit=dict(type='str'),
user_data=dict(type='str'),
utilize_reserved_instances=dict(type='bool'),