Hi Running Ansible 1.8.2 and I am trying to prevent sensitive information for a task from reaching the log at ANSIBLE_LOG_PATH or the console where ansible-playbook is running.
My task: - name: Dump database command: pg_dump -with -some -params environment: PGPASSWORD: mysecret no_log: True When running with ANSIBLE_LOG_PATH=notsosecret.log ansible-playbook mybook.yml -vvv this is my console output: TASK: [Dump database] ********************************************** <ec2-x-x-x-x.us-west-2.compute.amazonaws.com> ESTABLISH CONNECTION FOR USER: ubuntu <ec2-x-x-x-x.us-west-2.compute.amazonaws.com> REMOTE_MODULE command pg_dump -with -some -params NO_LOG=True <ec2-x-x-x-x.us-west-2.compute.amazonaws.com> EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=4h -o ControlPath="/home/ubuntu/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o Port=22 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 ec2-x-x-x-x.us-west-2.compute.amazonaws.com /bin/sh -c 'LANG=C PGPASSWORD=mysecret LC_CTYPE=C /usr/bin/python' And my log file: 2015-01-14 02:40:45,102 p=3055 u=ubuntu | TASK: [Dump database] ********************************************** 2015-01-14 02:40:45,108 p=3055 u=ubuntu | <ec2-x-x-x-x.us-west-2.compute.amazonaws.com> ESTABLISH CONNECTION FOR USER: ubuntu 2015-01-14 02:40:45,110 p=3055 u=ubuntu | <ec2-x-x-x-x.us-west-2.compute.amazonaws.com> REMOTE_MODULE command pg_dump -with -some -params NO_LOG=True 2015-01-14 02:40:45,121 p=3055 u=ubuntu | <ec2-x-x-x-x.us-west-2.compute.amazonaws.com> EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=4h -o ControlPath="/home/ubuntu/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o Port=22 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 ec2-x-x-x-x.us-west-2.compute.amazonaws.com /bin/sh -c 'LANG=C PGPASSWORD=mysecret LC_CTYPE=C /usr/bin/python' Is this a bug/regression? I read https://github.com/ansible/ansible/issues/8647 which seems related and should be included in 1.8.2 if I’m not mistaken. Regards Tom -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAAnNz0PufY-50A2ao3ThUa9evDfmr%2B32v9ZKJaCQ0YWE5aJ_kg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.