Feature: private survey variables, or don't store the value of a variable #2027
Labels
Comments
|
Hi @mschmitt-nasuni , survey variables passed to Ansible as "Extra vars". Therefore they cannot be private because user can run Ansible playbook and debug mode and see all extra vars. |
|
Unfortunately I don't know how to workaround this. Let me know if you have an idea. |
|
Is there a way to maybe prompt for a variable instead? I know ansible has vars_prompt, but when I tried using that method, Semaphore hung on task execution because it's waiting for user input. |
|
Hi @mschmitt-nasuni currently it is not possible, but this feature in the priority for implementation. |
|
we added |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Related to
Web-Frontend (what users interact with), Ansible (task execution)
Impact
must have for enterprise usage
Missing Feature
There should be 'private' variables available in 'survey variables' that are not displayed to the user (like a password field) and are not saved in the task such that you cannot re-run the task and see the private variables in plaintext.
Currently, all survey variables are displayed in plaintext, and are stored in the tasks in the UI, so you can always go back and view what variable was sent with the task. This poses a security risk with sensitive variables (such as secret keys, passwords, etc.).
Implementation
Very similar to the current survey variables, but with a toggle/checkbox to make it a 'private' variable. This checkbox would make the field not readable to the end user, and would not save the variable value in the task.
Design
No response
The text was updated successfully, but these errors were encountered: