On 4/30/19 1:04 AM, Raj wrote:
> I am running into an issue where ansible is spitting up password, which is a
> security breach as these logs will
> automatically uploads to developer shared location for review. How can I mask
> the passwords in spitting up here. I need
> to use stdout_lines whether we run the job in clean state or not, so I cant
> take out that from list.
>
> |
> -name:DisablingQueue
> shell:source ~/.bash_profile && sqlplus -S '{{ admin }}/{{password
> }}@{{TNS_NAME }}' @"disable.sql"
> register: disable_queue
> delegate_to: localhost
> args:
> chdir: roles/db-deploy/files/
> tags: Jobs
>
>
> - debug: var=disable_jobqueue.stdout_lines
> delegate_to: localhost
> tags:Jobs
> |
Hello Raj,
you can disable logging of the task details with
no_log: True
Also you can pass the password in an environment variable and use that in the
shell command.
Regards
Racke
>
>
>
>
> |
> TASK [db-deploy :DisablingJobQueue]********************
> 21:46:20[buildNode1]fatal:[Host1->localhost]:FAILED!=>{"changed":true,"cmd":"source
> ~/.bash_profile && sqlplus -S
> 'userName/visiblePassword(DESCRIPTION =
> (CONNECT_TIMEOUT=5)(RETRY_COUNT=0)(LOAD_BALANCE = off)(FAILOVER =
> on)(ADDRESS_LIST=(ADDRESS = (PROTOCOL = TCP)(HOST = Host1)(PORT =
> 1521))(ADDRESS = (PROTOCOL = TCP)(HOST = Host1)(PORT =
> 1521)))(CONNECT_DATA = (SERVICE_NAME = serviceName1)))'
> @\"disable.sql\"","delta":"0:00:00.412873","end":"2019-04-25
> 02:46:20.036544","msg":"non-zero return code","rc":127,"start":"2019-04-25
> 02:46:19.623671","stderr":"/bin/sh: sqlplus:
> command not found","stderr_lines":["/bin/sh: sqlplus: command not
> found"],"stdout":"","stdout_lines":[]}
> 21:46:20[buildNode1]fatal:[Host2->localhost]:FAILED!=>{"changed":true,"cmd":"source
> ~/.bash_profile && sqlplus -S
> 'userName/visiblePassword(DESCRIPTION =
> (CONNECT_TIMEOUT=5)(RETRY_COUNT=0)(LOAD_BALANCE = off)(FAILOVER =
> on)(ADDRESS_LIST= (ADDRESS = (PROTOCOL = TCP)(HOST = Host2)(PORT =
> 1521))(ADDRESS = (PROTOCOL = TCP)(HOST = Host2)(PORT
> = 1521)))(CONNECT_DATA = (SERVICE_NAME = serviceName2)))'
> @\"disable.sql\"","delta":"0:00:00.419597","end":"2019-04-25
> 02:46:20.041097","msg":"non-zero return code","rc":127,"start":"2019-04-25
> 02:46:19.621500","stderr":"/bin/sh: sqlplus:
> command not found","stderr_lines":["/bin/sh: sqlplus: command not
> found"],"stdout":"","stdout_lines":[]}
> 21:46:20[buildNode1]fatal:[Host3->localhost]:FAILED!=>{"changed":true,"cmd":"source
> ~/.bash_profile && sqlplus -S
> 'userName/visiblePassword(DESCRIPTION =
> (CONNECT_TIMEOUT=5)(RETRY_COUNT=0)(LOAD_BALANCE = off)(FAILOVER =
> on)(ADDRESS_LIST=(ADDRESS = (PROTOCOL = TCP)(HOST = Host3)(PORT =
> 1521))(ADDRESS = (PROTOCOL = TCP)(HOST = Host3)(PORT =
> 1521)))(CONNECT_DATA = (SERVICE_NAME = serviceName3)))'
> @\"disable.sql\"","delta":"0:00:00.419941","end":"2019-04-25
> 02:46:20.054755","msg":"non-zero return code","rc":127,"start":"2019-04-25
> 02:46:19.634814","stderr":"/bin/sh: sqlplus:
> command not found","stderr_lines":["/bin/sh: sqlplus: command not
> found"],"stdout":"","stdout_lines":[]}
> |
>
>
> Thanks and Regards
> Raj
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to
> [email protected]
> <mailto:[email protected]>.
> To post to this group, send email to [email protected]
> <mailto:[email protected]>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/2c440447-07a0-4025-83db-053cc1454668%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/2c440447-07a0-4025-83db-053cc1454668%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.
--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/463baf2a-d7a3-f292-c937-16ac74ff0d62%40linuxia.de.
For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: OpenPGP digital signature
