-
-
Notifications
You must be signed in to change notification settings - Fork 979
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature: private survey variables, or don't store the value of a variable #2027
Comments
Hi @mschmitt-nasuni , survey variables passed to Ansible as "Extra vars". Therefore they cannot be private because user can run Ansible playbook and debug mode and see all extra vars. |
Unfortunately I don't know how to workaround this. Let me know if you have an idea. |
Is there a way to maybe prompt for a variable instead? I know ansible has vars_prompt, but when I tried using that method, Semaphore hung on task execution because it's waiting for user input. |
Hi @mschmitt-nasuni currently it is not possible, but this feature in the priority for implementation. |
we added |
Related to
Web-Frontend (what users interact with), Ansible (task execution)
Impact
must have for enterprise usage
Missing Feature
There should be 'private' variables available in 'survey variables' that are not displayed to the user (like a password field) and are not saved in the task such that you cannot re-run the task and see the private variables in plaintext.
Currently, all survey variables are displayed in plaintext, and are stored in the tasks in the UI, so you can always go back and view what variable was sent with the task. This poses a security risk with sensitive variables (such as secret keys, passwords, etc.).
Implementation
Very similar to the current survey variables, but with a toggle/checkbox to make it a 'private' variable. This checkbox would make the field not readable to the end user, and would not save the variable value in the task.
Design
No response
The text was updated successfully, but these errors were encountered: