From 2309e5265a1d5f28480ae872817b5de05f66e83c Mon Sep 17 00:00:00 2001
From: apetrich <petrich@gmail.com>
Date: Mon, 3 Sep 2018 14:00:22 +0200
Subject: [PATCH] Remove extra information from std.ssh action

The ssh error message can lead to information leak.
Removing the extra ssh message effects only the CLI call,
the full message is still being logged

Change-Id: I0b28e1cb17d4ce3ae711a25b6eaffb4ebf00ccd6
Closes-Bug: 1783708
(cherry picked from commit c93b45a61f49d4633f76d8e117cd89063e7759c4)
---
 mistral/actions/std_actions.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/mistral/actions/std_actions.py b/mistral/actions/std_actions.py
index eab06e66b..2b1706722 100644
--- a/mistral/actions/std_actions.py
+++ b/mistral/actions/std_actions.py
@@ -397,8 +397,11 @@ class SSHAction(actions.Action):
         def raise_exc(parent_exc=None):
             message = ("Failed to execute ssh cmd "
                        "'%s' on %s" % (self.cmd, self.host))
+            # We suppress the actual parent error messages in favor of
+            # more generic ones as we might be leaking information to the CLI
             if parent_exc:
-                message += "\nException: %s" % str(parent_exc)
+                # The full error message needs to be logged regardless
+                LOG.exception(message + " Exception: %s", str(parent_exc))
             raise exc.ActionException(message)
 
         try: