infrastructure/meta
7
0
Issues 55 Pull Requests Projects 5 Releases Activity

[Infrastructure][Ansible]: Determine method for hidden information #62

New Issue
Open
opened 2024-03-22 23:20:52 +00:00 by label · 0 comments
label commented 2024-03-22 23:20:52 +00:00
Owner
Copy Link

There is some data that should obviously be vaulted and hidden: Passwords. In our ansible repositories, references to these values are not committed or pushed in any way. However, there is some information that may not be as sensitive and is generally not committed either. These are things such as:

  • Subnets/IP's used
  • Hostnames
  • Names of EFS volumes (fs-XXXXXX)

There is likely more not listed here. Some of this information being hidden may not really gain anything and instead tends to make some work more difficult when it doesn't have to be. Fedora Project, for example, has almost all this information out in the open.

There is some data that should obviously be vaulted and hidden: Passwords. In our ansible repositories, references to these values are not committed or pushed in any way. However, there is some information that may not be as sensitive and is generally not committed either. These are things such as: * Subnets/IP's used * Hostnames * Names of EFS volumes (fs-XXXXXX) There is likely more not listed here. Some of this information being hidden may not really gain anything and instead tends to make some work more difficult when it doesn't have to be. Fedora Project, for example, has almost all this information [out in the open](https://pagure.io/fedora-infra/ansible/blob/main/f/inventory).
label added the
help wanted
gain
high
component/ansible
enhancement
task
 labels 2024-03-22 23:20:52 +00:00
label added the
priority
medium
 label 2024-03-22 23:32:48 +00:00
label added this to the RESF Infrastructure Automation Modernization project 2024-03-24 01:18:56 +00:00
Sign in to join this conversation.
main
Branches Tags
Labels
Clear labels   
bug

Something is not working

  
component/ansible

   
component/git

   
component/idm

   
component/mattermost

   
component/mirrors

   
duplicate

This issue or pull request already exists

  
effort
high

  
effort
low

  
effort
medium

  
enhancement

New feature

  
gain
high

  
gain
low

  
gain
medium

  
help wanted

Need some help

  
invalid

Something is wrong

  
issue

   
needinfo

More information is needed

  
permissions
  
priority
high

  
priority
low

  
priority
medium

  
task

   
wontfix

This won't be fixed

No Label
bug
component/ansible
component/git
component/idm
component/mattermost
component/mirrors
duplicate
effort
high
effort
low
effort
medium
enhancement
gain
high
gain
low
gain
medium
help wanted
invalid
issue
needinfo
permissions
priority
high
priority
low
priority
medium
task
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
RESF Infrastructure Automation Modernization
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: infrastructure/meta#62
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?