add no_log filtering for runner_item_on_xyz events

see: #5691
2026-01-18 05:01:19 -03:30 · 2017-03-17 09:54:09 -04:00 · 2017-03-17 09:54:09 -04:00 · 999a304c3b
commit 999a304c3b
parent 886e96dea9
2 changed files with 29 additions and 13 deletions
--- a/awx/lib/tests/test_display_callback.py
+++ b/awx/lib/tests/test_display_callback.py
@ -126,14 +126,13 @@ def test_callback_plugin_receives_events(executor, cache, event, playbook):
      when: false
 '''},  # noqa
 {'no_log_on_play.yml': '''
- name: play-level no_log set
+- name: args should not be logged when play-level no_log set
  connection: local
  hosts: all
  gather_facts: no
  no_log: true
  tasks:
-      - name: args should not be logged when play-level no_log set
-        shell: echo "SENSITIVE"
+      - shell: echo "SENSITIVE"
 '''},  # noqa
 {'async_no_log.yml': '''
 - name: async task args should suppressed with no_log
@ -147,6 +146,19 @@ def test_callback_plugin_receives_events(executor, cache, event, playbook):
      shell: echo "SENSITIVE"
      no_log: true
 '''},  # noqa
+{'with_items.yml': '''
+- name: with_items tasks should be suppressed with no_log
+  connection: local
+  hosts: all
+  gather_facts: no
+  tasks:
+      - shell: echo {{ item }}
+        no_log: true
+        with_items: [ "SENSITIVE", "SENSITIVE-SKIPPED", "SENSITIVE-FAILED" ]
+        when: item != "SENSITIVE-SKIPPED"
+        failed_when: item == "SENSITIVE-FAILED"
+        ignore_errors: yes
+'''},  # noqa
 ])
 def test_callback_plugin_no_log_filters(executor, cache, playbook):
    executor.run()
@ -167,4 +179,4 @@ def test_callback_plugin_strips_task_environ_variables(executor, cache, playbook
    executor.run()
    assert len(cache)
    for event in cache.values():
-        assert os.environ['VIRTUAL_ENV'] not in json.dumps(event)
+        assert os.environ['PATH'] not in json.dumps(event)
--- a/awx/lib/tower_display_callback/module.py
+++ b/awx/lib/tower_display_callback/module.py
@ -75,6 +75,11 @@ class BaseCallbackModule(CallbackBase):
        super(BaseCallbackModule, self).__init__()
        self.task_uuids = set()

+    def censor_result(self, res):
+        if res.get('_ansible_no_log', False):
+            return {'censored': "the output has been hidden due to the fact that 'no_log: true' was specified for this result"}  # noqa
+        return res
+
    @contextlib.contextmanager
    def capture_event_data(self, event, **event_data):

@ -310,9 +315,7 @@ class BaseCallbackModule(CallbackBase):
        if result._task.get_name() == 'setup':
            result._result.get('ansible_facts', {}).pop('ansible_env', None)

-        res = result._result
-        if res.get('_ansible_no_log', False):
-            res = {'censored': "the output has been hidden due to the fact that 'no_log: true' was specified for this result"}
+        res = self.censor_result(result._result)

        event_data = dict(
            host=result._host.get_name(),
@ -327,9 +330,7 @@ class BaseCallbackModule(CallbackBase):
    def v2_runner_on_failed(self, result, ignore_errors=False):
        # FIXME: Add verbosity for exception/results output.

-        res = result._result
-        if res.get('_ansible_no_log', False):
-            res = {'censored': "the output has been hidden due to the fact that 'no_log: true' was specified for this result"}
+        res = self.censor_result(result._result)

        event_data = dict(
            host=result._host.get_name(),
@ -424,28 +425,31 @@ class BaseCallbackModule(CallbackBase):
            super(BaseCallbackModule, self).v2_on_file_diff(result)

    def v2_runner_item_on_ok(self, result):
+        res = self.censor_result(result._result)
        event_data = dict(
            host=result._host.get_name(),
            task=result._task,
-            res=result._result,
+            res=res,
        )
        with self.capture_event_data('runner_item_on_ok', **event_data):
            super(BaseCallbackModule, self).v2_runner_item_on_ok(result)

    def v2_runner_item_on_failed(self, result):
+        res = self.censor_result(result._result)
        event_data = dict(
            host=result._host.get_name(),
            task=result._task,
-            res=result._result,
+            res=res,
        )
        with self.capture_event_data('runner_item_on_failed', **event_data):
            super(BaseCallbackModule, self).v2_runner_item_on_failed(result)

    def v2_runner_item_on_skipped(self, result):
+        res = self.censor_result(result._result)
        event_data = dict(
            host=result._host.get_name(),
            task=result._task,
-            res=result._result,
+            res=res,
        )
        with self.capture_event_data('runner_item_on_skipped', **event_data):
            super(BaseCallbackModule, self).v2_runner_item_on_skipped(result)