Is there an existing issue for this?
What are you currently unable to do
incus info outputs data that could be considered sensitive like:
acme.provider.environment containing a secret tokenacme.email containing personal informationuser variables containing secretsenvironment.certificate containing public key (not a secret but fingerprintable)environment.certificate_fingerprint
This is only a feature request because the only people able to access that information are incus admins, but dumping incus info-like information might be useful in logs, especially on incus-os (no access to underlying system). And incus info is, helpfully, requested when submitting bug requests.
What do you think would need to be added
I think it would be nice if we could have:
- an
incus verb/flag to provide the same info, edited to remove sensitive keys.
- Provide a
user.secret (or similar) namespace that would be filtered out in the same way (or look for .secret as last element of the key or something along those lines).
Is there an existing issue for this?
What are you currently unable to do
incus infooutputs data that could be considered sensitive like:acme.provider.environmentcontaining a secret tokenacme.emailcontaining personal informationuservariables containing secretsenvironment.certificatecontaining public key (not a secret but fingerprintable)environment.certificate_fingerprintThis is only a feature request because the only people able to access that information are incus admins, but dumping
incus info-like information might be useful in logs, especially on incus-os (no access to underlying system). Andincus infois, helpfully, requested when submitting bug requests.What do you think would need to be added
I think it would be nice if we could have:
incusverb/flag to provide the sameinfo, edited to remove sensitive keys.user.secret(or similar) namespace that would be filtered out in the same way (or look for.secretas last element of the key or something along those lines).