From b73e7721dfd1cba6d8d743701d179c99cadd143c Mon Sep 17 00:00:00 2001
From: Matt Clay <matt@mystile.com>
Date: Mon, 16 Sep 2019 19:15:04 -0700
Subject: [PATCH] Mark AWS credentials in ansible-test as sensitive.

This avoids displaying the credentials in CI when retrying tests at maximum verbosity.
---
 test/lib/ansible_test/_internal/cloud/aws.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/test/lib/ansible_test/_internal/cloud/aws.py b/test/lib/ansible_test/_internal/cloud/aws.py
index e2032d5dae7..7dad6c02c0c 100644
--- a/test/lib/ansible_test/_internal/cloud/aws.py
+++ b/test/lib/ansible_test/_internal/cloud/aws.py
@@ -74,6 +74,9 @@ class AwsCloudProvider(CloudProvider):
                 REGION='us-east-1',
             )
 
+            display.sensitive.add(values['SECRET_KEY'])
+            display.sensitive.add(values['SECURITY_TOKEN'])
+
             config = self._populate_config_template(config, values)
 
         self._write_config(config)
@@ -100,6 +103,9 @@ class AwsCloudEnvironment(CloudEnvironment):
 
         ansible_vars.update(dict(parser.items('default')))
 
+        display.sensitive.add(ansible_vars.get('aws_secret_key'))
+        display.sensitive.add(ansible_vars.get('security_token'))
+
         if 'aws_cleanup' not in ansible_vars:
             ansible_vars['aws_cleanup'] = not self.managed