From f6ee455f2b27d924f3ac1f7657006c43bfe6001e Mon Sep 17 00:00:00 2001
From: fpxie <fpxie@fiberhome.com>
Date: Mon, 23 Apr 2018 17:12:23 +0800
Subject: [PATCH] Do not log passwords

This prevents data to be leaked into the callback plugin.

Change-Id: I2c281e33c1bb6bf52198e35a78b77ea3ede1f2cf
---
 handlers/main.yml                | 1 +
 tasks/monasca_alarms_setup.yml   | 2 ++
 tasks/monasca_influxdb_setup.yml | 3 +++
 tasks/monasca_service_setup.yml  | 8 ++++++++
 4 files changed, 14 insertions(+)

diff --git a/handlers/main.yml b/handlers/main.yml
index a4e1e7a..328af33 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -34,6 +34,7 @@
     name: "{{ monasca_galera_database }}"
     state: import
     target: "/opt/mon_mysql.sql"
+  no_log: True
 
 - name: Restart monasca services
   service:
diff --git a/tasks/monasca_alarms_setup.yml b/tasks/monasca_alarms_setup.yml
index 131e8da..5b806fe 100644
--- a/tasks/monasca_alarms_setup.yml
+++ b/tasks/monasca_alarms_setup.yml
@@ -31,6 +31,7 @@
     keystone_project_name: "{{ keystone_admin_tenant_name }}"
     monasca_api_url: "{{ monasca_service_internalurl }}"
   register: default_notification
+  no_log: True
 
 - name: Create default alarm definitions
   monasca_alarm_definition:
@@ -51,3 +52,4 @@
     keystone_project_name: "{{ keystone_admin_tenant_name }}"
     monasca_api_url: "{{ monasca_service_internalurl }}"
   with_items: "{{ monasca_default_alarms }}"
+  no_log: True
diff --git a/tasks/monasca_influxdb_setup.yml b/tasks/monasca_influxdb_setup.yml
index 317407e..ea03041 100644
--- a/tasks/monasca_influxdb_setup.yml
+++ b/tasks/monasca_influxdb_setup.yml
@@ -24,6 +24,7 @@
     password: "{{ monasca_influxdb_admin_password }}"
     database_name: "{{ monasca_influxdb_database }}"
     state: present
+  no_log: True
 
 - name: Create influxdb retention policy for database
   influxdb_retention_policy:
@@ -35,6 +36,7 @@
     policy_name: persister_all
     duration: "{{ monasca_influxdb_retention_policy }}"
     replication: "{{ monasca_influxdb_replication_factor }}"
+  no_log: True
 
 - name: Create influxdb users
   influxdb_user:
@@ -47,4 +49,5 @@
     user_pass: "{{ item.password }}"
   with_items:
     - "{{ monasca_influxdb_users }}"
+  no_log: True
 
diff --git a/tasks/monasca_service_setup.yml b/tasks/monasca_service_setup.yml
index 28d7f57..4c857ba 100644
--- a/tasks/monasca_service_setup.yml
+++ b/tasks/monasca_service_setup.yml
@@ -32,6 +32,7 @@
   until: add_service|success
   retries: 5
   delay: 2
+  no_log: True
 
 # Create an admin user
 - name: Ensure monasca user
@@ -50,6 +51,7 @@
   until: add_user|success
   retries: 5
   delay: 10
+  no_log: True
 
 # Add a role to the user
 - name: Ensure monasca user to admin role
@@ -68,6 +70,7 @@
   until: add_user_role|success
   retries: 5
   delay: 10
+  no_log: True
 
 # Create monasca roles
 - name: Ensure monasca user, agent and read only roles
@@ -84,6 +87,7 @@
   until: add_roles|success
   retries: 5
   delay: 10
+  no_log: True
   with_flattened:
     - "{{ monasca_user_roles }}"
     - "{{ monasca_agent_roles }}"
@@ -106,6 +110,7 @@
   until: add_user|success
   retries: 5
   delay: 10
+  no_log: True
 
 # Add a role to the user
 - name: Ensure monasca-agent user to monasca-agent roles
@@ -124,6 +129,7 @@
   until: add_user_role|success
   retries: 5
   delay: 10
+  no_log: True
   with_items: "{{ monasca_agent_roles }}"
 
 # Add a role to the user
@@ -143,6 +149,7 @@
   until: add_user_role|success
   retries: 5
   delay: 10
+  no_log: True
   with_items: "{{ monasca_user_roles }}"
 
 # Create an endpoint
@@ -168,3 +175,4 @@
   until: add_endpoint|success
   retries: 5
   delay: 10
+  no_log: True