Limit logging of credentials in services using the client
Currently, debug settings cause logging of the credentials in services using neutronclient. This should be limited unless explicitly requested, as credentials will be stored in log files for a long time and most likely will be still usable after many days.
Shell utilities do not need to have the redaction enabled, since debug messages are not visible by default. Even when they're enabled, they're not stored permanently and may be useful for reproducing the exact action using curl.
Further removing all tokens could be useful, but since their usage is limited in time and they're used all over different parts of the code, it's a separate, much longer task.
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- None
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- New
- Series goal:
- Accepted for 2.0
- Implementation:
- Implemented
- Milestone target:
- 2.2.1-2.2.6
- Started by
- Akihiro Motoki
- Completed by
- Akihiro Motoki
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Don't log the credentials by default