action #158628
closedcoordination #105624: [saga][epic] Reconsider how openQA handles secrets
coordination #157537: [epic] Secure setup of openQA test machines with secure network+secure authentication
Prevent passwords being logged in s390x kvm test cases
Description
Observation¶
Logs from jobs in https://openqa.suse.de/tests/latest?test=default&machine=s390x-kvm like
https://openqa.suse.de/tests/13913331/logfile?filename=autoinst-log.txt
show that the test password as well as hypervisor passwords are still often logged when they should be masked
Acceptance criteria¶
- AC1: No mentions of our test or hypervisor passwords in autoinst-log.txt in the mentioned scenario (with exceptions)
Suggestions¶
- For each mention of test password and hypervisor password in https://openqa.suse.de/tests/13913331/logfile?filename=autoinst-log.txt find and address the source, e.g. using
type_passwordin the test code instead oftype_string
Updated by okurz 8 months ago
- Due date set to 2024-04-22
I found many hardcoded mentions of your passwords so I created #158631 . I don't think it's useful for myself trying to fix the complete test distribution os-autoinst-distri-opensuse.
https://github.com/os-autoinst/os-autoinst-distri-opensuse/pull/19046
Updated by okurz 7 months ago
https://github.com/os-autoinst/os-autoinst-distri-opensuse/pull/19046 merged. Awaiting verification in https://openqa.suse.de/tests/14005042