Be more careful about what env we log in ansible-provision

Now that it can use AWS tokens for auth, we need to be careful about just dumping env into logs (and thus into splunk).

Be more careful about what env we log in ansible-provision
Now that it can use AWS tokens for auth, we need to be careful about just dumping env into logs (and thus into splunk).
86b8235e · Kevin Falcone · 9c7fc649 · 86b8235e
Commit 86b8235e authored Aug 18, 2016 by Kevin Falcone
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 1 deletions

util/jenkins/ansible-provision.sh
+4 -1

No files found.
--- a/util/jenkins/ansible-provision.sh
+++ b/util/jenkins/ansible-provision.sh
@@ -18,7 +18,10 @@
 # - environment
 # - name_tag
 set -x
-env
+
+# Seeing the environment is fine, spewing secrets to the log isn't ok
+env | grep -v AWS | grep -v ARN
+
 export PYTHONUNBUFFERED=1
 export BOTO_CONFIG=/var/lib/jenkins/${aws_account}.boto