40 lines
1.7 KiB
Diff
40 lines
1.7 KiB
Diff
From b75d6b7cc9c50184976589937c750cf3b265c08c Mon Sep 17 00:00:00 2001
|
|
From: Brian Coca <bcoca@users.noreply.github.com>
|
|
Date: Wed, 11 Mar 2020 11:50:48 -0400
|
|
Subject: [PATCH] warn about disclosure when using certain options
|
|
|
|
---
|
|
lib/ansible/plugins/connection/kubectl.py | 5 +++++
|
|
1 file changed, 5 insertions(+)
|
|
|
|
diff --git a/lib/ansible/plugins/connection/kubectl.py b/lib/ansible/plugins/connection/kubectl.py
|
|
index d8a0fcf..03f5487 100644
|
|
--- a/lib/ansible/plugins/connection/kubectl.py
|
|
+++ b/lib/ansible/plugins/connection/kubectl.py
|
|
@@ -65,6 +65,7 @@
|
|
kubectl_extra_args:
|
|
description:
|
|
- Extra arguments to pass to the kubectl command line.
|
|
+ - Please be aware that this passes information directly on the command line and it could expose sensitive data.
|
|
default: ''
|
|
vars:
|
|
- name: ansible_kubectl_extra_args
|
|
@@ -109,6 +110,8 @@
|
|
kubectl_password:
|
|
description:
|
|
- Provide a password for authenticating with the API.
|
|
+ - Please be aware that this passes information directly on the command line and it could expose sensitive data.
|
|
+ We recommend using the file based authentication options instead.
|
|
default: ''
|
|
vars:
|
|
- name: ansible_kubectl_password
|
|
@@ -117,6 +120,8 @@
|
|
kubectl_token:
|
|
description:
|
|
- API authentication bearer token.
|
|
+ - Please be aware that this passes information directly on the command line and it could expose sensitive data.
|
|
+ We recommend using the file based authentication options instead.
|
|
vars:
|
|
- name: ansible_kubectl_token
|
|
- name: ansible_kubectl_api_key
|