Skip to content

Commit 3df809b

Browse files
NormoNormo
committed
gitlab_runner: add option to hide sensitive changes in diffs
Introduce new variable `gitlab_runner_hide_sensitive_changes` (default: true). Replaces hardcoded `no_log: true` with conditional `no_log` usage to allow hiding sensitive values in diffs by default, while keeping possibility to override for debugging. Signed-off-by: Norman Ziegner <[email protected]>
1 parent c365f64 commit 3df809b

File tree

4 files changed

+11
-3
lines changed

4 files changed

+11
-3
lines changed

roles/gitlab_runner/README.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -84,6 +84,11 @@ Decide wether to install Docker via
8484
Docker is required for the `docker` executor but not for the
8585
`docker+machine` executor.
8686

87+
```yaml
88+
gitlab_runner_hide_sensitive_changes: true
89+
```
90+
Do not display sensitive changes in diffs by default.
91+
8792
### Docker-machine variables
8893

8994
```yaml

roles/gitlab_runner/defaults/main.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -52,3 +52,6 @@ gitlab_runner_autoscaler_plugin_url: "https://github.com/sardinasystems/fleeting
5252
gitlab_runner_autoscaler_plugin_checksumfile: "https://github.com/sardinasystems/fleeting-plugin-openstack/releases/download/{{ gitlab_runner_autoscaler_plugin_version }}/fleeting-plugin-openstack_{{ gitlab_runner_autoscaler_binary_version }}_sha512-checksums.txt"
5353

5454
gitlab_runner_butane_config_template: "butane-config.bu.j2"
55+
56+
# Do not display sensitive changes in diffs by default
57+
gitlab_runner_hide_sensitive_changes: true

roles/gitlab_runner/tasks/install.autoscaler-plugin.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -67,6 +67,6 @@
6767
owner: "root"
6868
group: "root"
6969
mode: '0600'
70-
no_log: true
70+
no_log: "{{ gitlab_runner_hide_sensitive_changes }}"
7171

7272
...

roles/gitlab_runner/tasks/main.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@
4242
- name: "Initialize docker-machine"
4343
ansible.builtin.include_tasks: "docker-machine-init.yml"
4444
when: "__gitlab_runner_install_docker_machine"
45-
no_log: true
45+
no_log: "{{ gitlab_runner_hide_sensitive_changes }}"
4646
loop: "{{ gitlab_runner_list }}"
4747
loop_control:
4848
loop_var: "gitlab_runner"
@@ -63,7 +63,7 @@
6363
group: "{{ gitlab_runner_config_group | default('root') }}"
6464
mode: "0600"
6565
notify: "Restart GitLab-Runner"
66-
no_log: true
66+
no_log: "{{ gitlab_runner_hide_sensitive_changes }}"
6767
vars:
6868
__ignition_content: "{{ __ignition_json['content'] | b64decode }}"
6969
when: "not __gitlab_runner_is_initial_dryrun"

0 commit comments

Comments
 (0)